Identifiers in RegistersBuilt with the knowledge package: technical terms are hyperlinked to their definitions.

Identifiers in Registersthanks: Built with the knowledge package: technical terms are hyperlinked to their definitions.

Describing Network Algorithms with Logic
Benedikt Bollig LSV, CNRS, ENS Paris-Saclay, Université Paris-Saclay, France
11email:,  11email:,  11email:
   Patricia Bouyer LSV, CNRS, ENS Paris-Saclay, Université Paris-Saclay, France
11email:,  11email:,  11email:
   Fabian Reiter LSV, CNRS, ENS Paris-Saclay, Université Paris-Saclay, France
11email:,  11email:,  11email:

We propose a formal model of distributed computing based on \kl[distributed register automata]register automata that captures a broad class of synchronous network algorithms. The local memory of each process is represented by a finite-state controller and a fixed number of \klregisters, each of which can store the unique \klidentifier of some process in the network. To underline the naturalness of our model, we show that it has the same expressive power as a certain extension of \klfirst-order logic on \klgraphs whose \klnodes are equipped with a total order. Said extension lets us define new functions on the set of \klnodes by means of a so-called \klpartial fixpoint operator. In spirit, our result bears close resemblance to a classical theorem of descriptive complexity theory that characterizes the complexity class in terms of partial fixpoint logic (a proper superclass of the logic we consider here).

1 Introduction

This paper is part of an ongoing research project aiming to develop a descriptive complexity theory for distributed computing.

In classical sequential computing, descriptive complexity is a well-established field that connects computational complexity classes to equi-expressive classes of logical formulas. It began in the 1970s, when Fagin showed in [Fagin74] that the \klgraph properties decidable by nondeterministic Turing machines in polynomial time are exactly those definable in existential second-order logic. This provided a logical—and thus machine-independent—characterization of the complexity class . Subsequently, many other popular classes, such as , , and were characterized in a similar manner (see for instance the textbooks [DBLP:series/txtcs/GradelKLMSVVW07, DBLP:books/daglib/Immerman99, DBLP:books/sp/Libkin04]).

Of particular interest to us is a result due to Abiteboul, Vianu [DBLP:conf/lics/AbiteboulV89], and Vardi [DBLP:conf/stoc/Vardi82], which states that on structures equipped with a total order relation, the properties decidable in coincide with those definable in partial fixpoint logic. The latter is an extension of first-order logic with an operator that allows us to inductively define new relations of arbitrary arity. Basically, this means that new relations can occur as free (second-order) variables in the logical formulas that define them. Those variables are initially interpreted as empty relations and then iteratively updated, using the defining formulas as update rules. If the sequence of updates converges to a fixpoint, then the ultimate interpretations are the relations reached in the limit. Otherwise, the variables are simply interpreted as empty relations. Hence the term “partial fixpoint”.

While well-developed in the classical case, descriptive complexity has so far not received much attention in the setting of distributed network computing. As far as the authors are aware, the first step in this direction was taken by Hella et al. in [DBLP:conf/podc/HellaJKLLLSV12, DBLP:journals/dc/HellaJKLLLSV15], where they showed that basic modal logic evaluated on finite graphs has the same expressive power as a particular class of distributed automata operating in constant time. Those automata constitute a weak model of distributed computing in arbitrary network topologies, where all \klnodes synchronously execute the same finite-state machine and communicate with each other by broadcasting messages to their \klneighbors. Motivated by this result, several variants of distributed automata were investigated by Kuusisto and Reiter in [DBLP:conf/csl/Kuusisto13], [DBLP:conf/icalp/Reiter17] and [DBLP:conf/lics/Reiter15] to establish similar connections with standard logics such as the modal -calculus and monadic second-order logic. However, since the models of computation investigated in those works are based on anonymous finite-state machines, they are much too weak to solve many of the problems typically considered in distributed computing, such as leader election or constructing a \klspanning tree. It would thus be desirable to also characterize stronger models.

A common assumption underlying many distributed algorithms is that each \klnode of the considered network is given a unique \klidentifier. This allows us, for instance, to elect a leader by making the \klnodes broadcast their \klidentifiers and then choose the one with the smallest \klidentifier as the leader. To formalize such algorithms, we need to go beyond finite-state machines because the number of bits required to encode a unique \klidentifier grows logarithmically with the number of \klnodes in the network. Recently, in [DBLP:conf/concur/AiswaryaBG15, DBLP:journals/iandc/AiswaryaBG18], Aiswarya, Bollig and Gastin introduced a synchronous model where, in addition to a finite-state controller, \klnodes also have a fixed number of \klregisters in which they can store the \klidentifiers of other \klnodes. Access to those \klregisters is rather limited in the sense that their contents can be compared with respect to a total order, but their numeric values are unknown to the \klnodes. Similarly, \klregister contents can be copied, but no new values can be generated. Since the original motivation for this model was to automatically verify certain distributed algorithms running on ring networks, its formal definition is tailored to that particular setting. However, the underlying principle can be generalized to arbitrary networks of unbounded \klmaximum degree, which was the starting point for the present work.


While on an intuitive level, the idea of finite-state machines equipped with additional \klregisters might seem very natural, it does not immediately yield a formal model for distributed algorithms in arbitrary networks. In particular, it is not clear what would be the canonical way for \klnodes to communicate with a non-constant number of peers, if we require that they all follow the same, finitely representable set of rules.

The model we propose here, dubbed \kldistributed register automata, is an attempt at a solution. As in [DBLP:conf/concur/AiswaryaBG15, DBLP:journals/iandc/AiswaryaBG18], \klnodes proceed in synchronous rounds and have a fixed number of \klregisters, which they can compare and update without having access to numeric values. The new key ingredient that allows us to formalize communication between \klnodes of unbounded \kldegree is a local computing device we call \kltransition maker. This is a special kind of register machine that the \klnodes can use to scan the \klstates and \klregister values of their entire neighborhood in a sequential manner. In every round, each \klnode runs the \kltransition maker to update its own \kllocal configuration (i.e., its \klstate and \klregister valuation) based on a snapshot of the \kllocal configurations of its \klneighbors in the previous round. A way of interpreting this is that the \klnodes communicate by broadcasting their \kllocal configurations as messages to their \klneighbors. Although the resulting model of computation is by no means universal, it allows formalizing algorithms for a wide range of problems, such as constructing a \klspanning tree (see Example LABEL:ex:spanning-tree) or testing whether a \klgraph is Hamiltonian (see Example LABEL:ex:hamiltonian-cycle-automaton).

Nevertheless, our model is somewhat arbitrary, since it could be just one particular choice among many other similar definitions capturing different classes of distributed algorithms. What justifies our choice? This is where descriptive complexity comes into play. By identifying a logical formalism that has the same expressive power as \kldistributed register automata, we provide substantial evidence for the naturalness of that model. Our formalism, referred to as \klfunctional fixpoint logic, is a fragment of the above-mentioned partial fixpoint logic. Like the latter, it also extends \klfirst-order logic with a \klpartial fixpoint operator, but a weaker one that can only define unary functions instead of arbitrary relations. We show that on totally ordered \klgraphs, this logic allows one to express precisely the \kl[graph properties]properties that can be \kldecided by \kldistributed register automata. The connection is strongly reminiscent of Abiteboul, Vianu and Vardi’s characterization of , and thus contributes to the broader objective of extending classical descriptive complexity to the setting of distributed computing. Moreover, given that logical \klformulas are often more compact and easier to understand than abstract machines (compare Examples LABEL:ex:hamiltonian-cycle-automaton and LABEL:ex:hamiltonian-cycle-formula), logic could also become a useful tool in the formal specification of distributed algorithms.

The remainder of this paper is structured around our main result:

Theorem 1.1

When restricted to finite graphs whose nodes are equipped with a total order, \kldistributed register automata are effectively \klequivalent to \klfunctional fixpoint logic.

After giving some preliminary definitions in Section 2, we formally introduce \kldistributed register automata in Section 3 and \klfunctional fixpoint logic in Section LABEL:sec:logic. We then sketch the proof of Theorem 1.1 in Section LABEL:sec:automata-vs-logic, and conclude in Section LABEL:sec:conclusion.

2 Preliminaries


We denote the empty set by , the set of nonnegative integers by , and the set of integers by . The cardinality of any set  is written as  and the power set as .


In analogy to the commonly used notation for real intervals, we define the notation for any such that . To indicate that an endpoint is excluded, we replace the corresponding square bracket with a parenthesis, e.g., . Furthermore, if we omit the first endpoint, it defaults to . This gives us shorthand notations such as and .


All \klgraphs we consider are finite, simple, undirected, and connected. For notational convenience, we identify their \klnodes with nonnegative integers, which also serve as unique \klidentifiers. That is, when we talk about the \introidentifier of a \klnode, we mean its numerical representation. A \intrograph is formally represented as a pair , where the set  of \intronodes is equal to , for some integer , and the set  consists of undirected \introedges of the form such that . Additionally, must satisfy that every pair of \klnodes is connected by a sequence of edges. The restriction to graphs of size at least two is for technical reasons; it ensures that we can always encode Boolean values as \klnodes.


We refer the reader to [DBLP:books/daglib/0030488] for standard graph theoretic terms such as \introneighbor, \introdegree, \intromaximum degree, \introdistance, and \introspanning tree.


Graphs are used to model computer networks, where \klnodes correspond to processes and \kledges to communication links. To represent the current \klconfiguration of a system as a \klgraph, we equip each \klnode with some additional information: the current \klstate of the corresponding process, taken from a nonempty finite set , and some pointers to other processes, modeled by a finite set  of \klregisters.


We call a \introsignature and define a -\introconfiguration as a tuple , where is a \klgraph, called the \introunderlying \klgraph of , is a \introstate function that assigns to each \klnode a \klstate , and is a \introregister valuation function that associates with each \klnode a \introregister valuation . The set of all -\klconfigurations is denoted by . Figure LABEL:fig:local-configuration on page LABEL:fig:local-configuration illustrates part of a -\klconfiguration.


If , then we are actually dealing with a tuple , which we call a -\introlabeled graph. Accordingly, the elements of  may also be called \introlabels. A set  of \kllabeled graphs will be referred to as a \intrograph property. Moreover, if the \kllabels are irrelevant, we set  equal to the singleton , where  is our dummy \kllabel. In this case, we identify with  and call it an \introunlabeled \klgraph.

3 Distributed register automata

Many distributed algorithms can be seen as transducers. A leader-election algorithm, for instance, takes as input a network and outputs the same network, but with every process storing the \klidentifier of the unique leader in some dedicated \klregister . Thus, the algorithm transforms a -\klconfiguration into a -\klconfiguration. We say that it defines a \transduction\tuple\Singleton,\EmptySet\tuple\Singleton,{\Register}. By the same token, if we consider distributed algorithms that \kldecide \klgraph properties (e.g., whether a \klgraph is Hamiltonian), then we are dealing with a \transduction\tuple\InputLabelSet,\EmptySet\tuple\set\OutputYes,\OutputNo,\EmptySet, where is some set of \kllabels. The idea is that a \klgraph will be accepted if and only if every process eventually outputs .


Let us now formalize the notion of \kltransduction. For any two \klsignatures and , a \intro*\transduction\InputSignature\OutputSignature is a partial mapping such that, if defined, for some  and . That is, a \kltransduction does not modify the \klunderlying \klgraph but only the \klstates and \klregister valuations. We denote the set of all \transduction[s]\InputSignature\OutputSignature by and refer to  and  as the \intro[input signature]input and \introoutput signatures of . By extension, and  are called the sets of \intro[input labels]input and \introoutput labels, and  and  the sets of \intro[input registers]input and \introoutput registers. Similarly, any -\klconfiguration  can be referred to as an \introinput configuration of  and  as an \introoutput configuration.

Next, we introduce our formal model of distributed algorithms.

Definition 1 (Distributed register automaton)

Let and be two \klsignatures. A \introdistributed register automaton (or simply \reintroautomaton) with \klinput signature  and \kloutput signature  is a tuple consisting of a nonempty finite set  of \introstates, a finite set  of \introregisters that includes both  and , an \introinput function , a \kltransition maker  whose specification will be given in Definition LABEL:def:transition-maker below, a set  of \introhalting states, and an \introoutput function . The \klregisters in are called \introauxiliary registers.


Automaton  computes a \kltransduction . To do so, it runs in a sequence of synchronous rounds on the \klinput configuration’s \klunderlying \klgraph . After each round, the \klautomaton’s global configuration is a -\klconfiguration , i.e., the \klunderlying \klgraph is always . As mentioned before, for a \klnode , we interpret as the current \klstate of  and as the current \klregister valuation of . Abusing notation, we let and say that is the \introlocal configuration of . In Figure LABEL:fig:local-configuration, the \kllocal configuration of \klnode  is .


For a given \klinput configuration , the \klautomaton’s \introinitial configuration is , where for all , we have if , and if . This means that every \klnode  is initialized to \klstate , and ’s initial \klregister valuation  assigns ’s own \klidentifier (provided by ) to all non-\klinput registers while keeping the given values assigned by  to the \klinput registers.

Comments 0
Request Comment
You are adding the first comment!
How to quickly get a good reply:
  • Give credit where it’s due by listing out the positive aspects of a paper before getting into which changes should be made.
  • Be specific in your critique, and provide supporting evidence with appropriate references to substantiate general statements.
  • Your comment should inspire ideas to flow and help the author improves the paper.

The better we are at sharing our knowledge with each other, the faster we move forward.
The feedback must be of minimum 40 characters and the title a minimum of 5 characters
Add comment
Loading ...
This is a comment super asjknd jkasnjk adsnkj
The feedback must be of minumum 40 characters
The feedback must be of minumum 40 characters

You are asking your first question!
How to quickly get a good answer:
  • Keep your question short and to the point
  • Check for grammar or spelling errors.
  • Phrase it like a question
Test description