Simulation Problems Over One-Counter Nets

One-counter nets (OCN) are finite automata equipped with a counter that can store non-negative integer values, and that cannot be tested for zero. Equivalently, these are exactly 1-dimensional vector addition systems with states. We show that both strong and weak simulation preorder on OCN are PSPACE-complete.


Introduction
One-counter automata (OCAs) are Minsky counter automata with only one counter, and they can also be seen as a subclass of pushdown automata with just one stack symbol (plus a bottom symbol).One-counter nets (OCNs) are a subclass of OCAs where the counter cannot be fully tested for zero, because steps enabled at counter value zero are also enabled at nonzero values.OCNs correspond to 1-dimensional vector addition systems with states, and are arguably the simplest model of discrete infinite-state systems, except for those that do not have a global finite control.
Notions of behavioral semantic equivalences have been classified in Van Glabbeek's linear time -branching time spectrum [5].The most common ones are, in order from finer to coarser, bisimulation, simulation and trace equivalence.Each of these have their standard (called strong) variant, and a weak variant that abstracts from arbitrarily long sequences of internal actions.
The picture is more complicated for simulation preorders.While strong and weak simulation are undecidable for OCAs [10], they are decidable for OCNs.Decidability of strong simulation on OCNs was first proven in [2], by establishing that the simulation relation follows a certain regular pattern.This idea was made more graphically explicit in later proofs [9,8], which established the so-called Belt Theorem, that states that the simulation preorder relation on OCNs can be described by finitely many partitions of the grid N × N, each induced by two parallel lines.In particular, this implies that the simulation relation is semilinear.However, the proofs in [2,9,8] did not yield any upper complexity bounds; in particular, the first proof was based on two semi-decision procedures and the later proof of the Belt Theorem was non-constructive.A PSPACE lower bound for strong simulation on OCNs follows from [14].
Decidability of weak simulation on OCNs was shown in [7], using a converging series of semilinear approximants.This proof used the decidability of strong simulation on OCNs as an oracle, and thus did not immediately yield any upper complexity bound.
Our contribution.First, we provide a new constructive proof of the Belt Theorem and derive a PSPACE algorithm for checking strong simulation preorder on OCNs.Together with the lower bound from [14], this shows PSPACE-completeness of the problem.
Second, via a technical adaption of the algorithm for weak simulation in [7], and the new PSPACE algorithm for strong simulation, we also obtain a PSPACE algorithm for weak simulation preorder on OCNs.Thus even weak simulation preorder on OCNs is PSPACE-complete.
The decidability and complexity status of the most relevant semantic equivalences and preorders for OCAs/OCNs is summarized in the table below ('×' stands for undecidable).Our PSPACE-completeness results close the last remaining important open problem concerning the complexity of equivalence/preorder checking for one-counter systems.simulation bisimulation weak sim.weak bisim.trace inclusion OCN PSPACE PSPACE [3] PSPACE × [16] This paper is a revised and extended version of material previously presented in [7,6,15], and is organized as follows.In Section 2 we state the simulation problems and our main result, and give an outline of the ideas used in the proof.In Section 3 we fix basic terms and notation, and show how to transform the problem into a more convenient normal form.The proof of PSPACE-completeness for strong simulation preorder, as well as an analysis of the combinatorial structure of this relation, is presented in Section 4. We then apply and extend this result in Section 5 to show PSPACE-completeness even for weak simulation preorder.Finally, in Section 6, we summarize our results and mention some open problems.

Statement of the Result
A labeled transition system (LTS) over a finite alphabet Act of actions consists of a set S of configurations (also called processes) and, for every action a ∈ Act, a binary relation As usual, w.l.o.g.one may assume S = S , since one can consider disjoint union of two LTSs.Strong simulations are closed under union, so there exists a unique maximal strong simulation.This maximal strong simulation is a preorder, called strong simulation preorder, and denoted by .If c c then one says that c strongly simulates c.
Simulation preorder can also be characterized as an interactive, two-player game played between Spoiler, who wants to establish non-simulation and Duplicator, who wants to frustrate this.Definition 2. A simulation game is played in rounds between the two players Spoiler and Duplicator, where the latter tries to stepwise match the moves of the former.
A play is a finite or infinite sequence of game positions, which are pairs of processes.If a finite play (α 0 , α 0 ), (α 1 , α 1 ), . . ., (α i , α i ) is not already winning for one of the players, the next pair (α i+1 , α i+1 ) is determined by a round of choices: (1) Spoiler chooses a step α i a − − → α i+1 where a is any element of Act.
(2) Duplicator responds by picking an equally labeled step α i a − − → α i+1 .If one of the players cannot move then the other wins, and Duplicator wins every infinite play.
A strategy is a set of rules that tells a player how to move.More precisely, a strategy for Spoiler is a function σ : P P → (− − →), where P P denotes the set of partial plays (non-empty sequences of game positions), and − − → is the step-relation in the transition system.Similarly, a strategy for Duplicator is a function σ : P P × (− − →) → (− − →), assigning each partial play and Spoiler move a response.A player plays according to a strategy if all his moves obey the rules of the strategy.A strategy is winning from (α, α ) if every play that starts in (α, α ) and which is played according to that strategy is winning.Finally, we say that a player wins the simulation game from (α, α ) if there is some winning strategy for this player from position (α, α ).
Due to the type of winning condition (a simulation game is essentially a turn-based reachability game where Spoiler wins a play if it reaches a game configuration where Duplicator is stuck) positional (i.e., memoryless) strategies are sufficient.Thus one can restrict to strategies that map the current game configuration to a step, i.e. σ : (S×S) → (− − → ).Correspondingly, a strategy for Duplicator is a partial function σ : (S × S× − − →) → (− − →), that prescribes a response for the current position and Spoiler's move.
We see that one round of the simulation game directly corresponds to the simulation condition of Definition 1. Spoiler can stepwise demonstrate that the condition is not an invariant if the initial pair of processes is indeed not in simulation.Conversely, any simulation that contains the initial pair of processes prescribes a winning strategy for Duplicator in the simulation game.Proposition 3.For any two processes α, α ∈ S, Duplicator has a winning strategy in the simulation game from position (α, α ) if and only if α α .
A natural extension of simulation is weak simulation, that abstracts from internal steps.For a labeled transition system with a special action τ ∈ Act, define weak step relations by Weak simulation is defined similar to strong simulation in Definition 1, except that the weak simulation condition requires that some weak step exists.Formally: Weak simulation preorder can also be characterized using a variant of the simulation game described above, in which Duplicator moves along weak steps.This game is called the weak simulation game.Yet another variant of this game, in which also Spoiler moves along weak steps, induces the same notion of weak simulation preorder.We will use the "asymmetric" game define above in this paper.
For systems without τ -labeled steps, a − − → = a = = ⇒ holds for every action a, and therefore strong and weak simulation coincide.In general however, weak simulation is coarser than strong simulation: c c implies c c .Definition 5 (One-Counter Nets).A one-counter net (OCN) is a triple N = (Q, Act, δ) consisting of finite sets of control states Q, action labels Act and transitions δ ⊆ Q × Act × {−1, 0, 1} × Q.Each transition t = (p, a, d, q) ∈ δ defines a relation where for all control states p , q ∈ Q and integers m, n ∈ N (p , m) t − − → (q , n) if p = p, q = q and n = m + d ≥ 0. The labeled transition system induced by the OCN has the same action alphabet Act and the set of configurations S = Q × N. Its step relations a − − → are defined as follows.We have (p, m) a − − → (q, n) iff ∃t = (p, a, d, q) ∈ δ. (p, m) t − − → (q, n).
In the sequel we use both the relations t − − → labeled by transitions t, and the relations a − − → labeled by actions a ∈ Act.For convenience, we will assume that Q ∩ N = ∅ and write configurations (p, m) simply as pm.On the formal level, steps should not be confused with transitions: there is a step pm a − − → qn iff there is a transition (p, a, d, q) ∈ δ and n = m + d ≥ 0.
We will sometimes simply write OCN process for a configuration in the LTS induced by some OCN.Example 6.Let N = ({p}, {a, τ }, {(p, a, −1, p), (p, τ, +1, p)}) be the OCN consisting of a single state with two self-looping transitions: One is labeled by a and is counter decreasing, and the other is labeled by τ and increases the counter.In this system, pn is simulated by pm (pn pm) if, and only if n ≤ m.However, pn pm holds for all n, m ∈ N because of the weak steps pm a = = ⇒ pm for every m ≥ (m − 1).
We study the computational complexity of the following decision problem.The main result of this paper is the following upper bound.

Input:
Two OCNs N and N together with configurations qn and q n of N and N , respectively, where n and n are given in binary.Question: qn q n ?Theorem 7. The weak simulation problem for OCNs is in PSPACE.
Remark 1.The upper bound applies also to strong simulation, since for systems without τ -labeled steps, strong and weak simulation coincide.Combined with the PSPACE-hardness result for strong simulation by [14] (which holds even if all numbers are represented in unary), this yields PSPACE-completeness of both strong and weak simulation problems.
Remark 2. Our construction can also be used to compute the simulation relation as a semilinear set, but its description requires exponential space.However, checking a point instance qn q n of the simulation problem can be done in polynomial space by stepwise guessing and verifying only a polynomially bounded part of the relation.
Outline of the proof.In LTSs induced by OCNs, the step relation is monotone w.r.t. the counter value.Thus, the strong and weak simulation games are also monotone for both players: If Duplicator wins from a position (qn, q n ) then he also wins from (qn, q m) for all m > n .Similarly, if Spoiler wins from (qn, q n ) then she also wins from (qm, q n ) for all m > n.It follows that, for every fixed pair (q, q ) of control states, the winning regions of the two players partition the grid N × N into two connected subsets.For strong simulation, it is known [9,8] that the frontier between these two subsets is contained in a belt, i.e., it lies between two parallel lines with a rational slope.This property is also known as the Belt Theorem.However, previous proofs of this theorem [9,8] used non-constructive arguments and did not yield precise bounds on the width of the belt and on the rational coefficients of the slope.
We provide a new constructive proof of the Belt Theorem that yields tight bounds on the width and slopes of the belts, which makes it possible to obtain a PSPACE algorithm for checking strong simulation preorder.Our proof is based on the analysis of symbolic slope games.This new game is similar to the simulation game, but necessarily ends after a polynomial number of rounds.We show that, for sufficiently high counter-values, both players can re-use winning strategies from the slope game also in the simulation game.As a by-product of this characterization, we obtain polynomial bounds on the widths and slopes of the belts.Once the belt-coefficients are known, one can compute the frontiers between the winning sets of the opposing players exactly, because every frontier necessarily adheres to a regular pattern.
In the second part of the paper (Section 5) we prove the decidability of weak simulation preorder by showing that it is the limit of a finitely converging series of effectively constructible semilinear relations that over-approximate it.A careful analysis of the size of the representations of these approximants, combined with the previously established PSPACE algorithm for strong simulation preorder, then yields a PSPACE algorithm for checking weak simulation preorder.

Preliminaries
3.1.Paths and Loops.Let N = (Q, Act, δ) be a OCN.For a transition t = (p, a, d, p ) ∈ δ we write source(t) = p and target(t) = p for the source and target states, λ(t) = a for its label and ∆(t) = d for its effect on the counter.
A path (of length k) in N is a sequence π = p 0 t 1 p 1 t 2 p 2 . . .p k−1 t k p k where all p i ∈ Q and t i ∈ δ and for every 1 ≤ i ≤ k, p i−1 = source(t i ) and target(t i ) = p i .The source and target of π are p 0 and p k , respectively.Its label is λ(π) = λ(t 1 )λ(t 2 ) . . .λ(t k ) ∈ Act * and its effect is the cumulative effect of its transitions: A path π as above is a cycle if p 0 = p k and a simple cycle if it is a cycle and moreover, no proper subpath is itself a cycle.We say a path π is enabled in configuration pm if it prescribes a valid path from configuration pm in the labeled transition system of N , i.e., if there exist non-negative integers m 0 , m 1 , . . ., m k such that p 0 m 0 = pm and There is a minimal sufficient counter value Γ(π) that enables it.This guard of π can be defined as the minimal m ∈ N such that no prefix of π has an effect less than −m.Writing i π for the prefix of path π of length i, the guard of π is given as Note that there are different paths of length 0 because the initial state forms part of a path.Any zero-length path π has effect and guard ∆(π) = Γ(π) = 0. Surely, both the effect and the guard of any path are bounded by its length.
3.2.Monotonicity.One-counter nets enjoy the following important monotonicity property which is crucial in our argument and which immediately follows from the definition.A step pm a − − → qn in a OCN N = (Q, Act, δ) is due to some transition (p, a, d, q) ∈ δ with d = n − m.The same transition then justifies a step p(m + l) a − − → q(n + l) for any number l ∈ N. We thus observe that for all OCN processes pm and l ∈ N, because Duplicator can mimic the behavior of Spoiler's process to win the simulation game.Seen as a function, this "copycat" strategy is simply the identity.Seen as a tree, it has the property that every node is of the form [qn, q(n + l)], where q ∈ Q and n ∈ N. Equation (3.3) implies that on OCNs, all preorders that are coarser than , the maximal strong simulation, are monotonic in the following sense.
Lemma 8 (Monotonicity).Let pm be a OCN process, s an arbitrary process and be any transitive relation that subsumes strong simulation .Then, for every m ≤ n, (1) pm s implies pn s, and (2) s pm implies s pn.
Proof.By Eq. (3.3) we have pm pn and thus pm pn.The claim directly follows from this observation and the transitivity of .
The above monotonicity property holds in particular for being strong or weak simulation, trace inclusion or any approximating relation α defined later in this paper.
The following is a direct consequence of Lemma 8 that we state here only because we are particularly interested in simulation games played on OCNs.
Corollary 9. Let pm and p m be two OCN processes and be any transitive relation that subsumes strong simulation.Then pm p m implies pn p n for all n ≤ m and m ≤ n .
3.3.Product Graphs.When we consider simulation games played on LTS induced by OCN, it is convenient to identify individual plays with paths in the synchronous product of the two given OCNs.In later constructions we will in particular be interested in the effects of cyclic paths in this product.
The product graph of two OCNs N = (Q, Act, δ) and N = (Q , Act, δ ) is the finite, edge-labeled graph with nodes V = Q × Q and edges is a pair of transitions) we can naturally speak of its two projections, π and π , which are paths in N and N , respectively.The path ξ is enabled in (pm, p m ) if both π is enabled in pm and π is enabled in p m .In this case we write (pm, p m The source, and target of paths in OCN are lifted to paths in products in a natural way: We define source(ξ) = (source(π), source(π )), target(ξ) = (target(π), target(π )).We write ∆(ξ) = ∆(π) and Γ(ξ) = Γ(π) as well as ∆ (ξ) = ∆(π ) and Γ (ξ) = Γ(π ).
A nonempty path ξ is a cycle if source(T 1 ) = target(T k ).It is a simple cycle or loop if it is a cycle but none of its proper subpaths is a cycle.
A lasso is a path that contains a cycle while none of its strict prefixes does.That is, a path ξ as above is a lasso if there exists l ≤ k such that target(T k ) = source(T l ) and for all 1 ≤ i ≤ j < k, target(T j ) = source(T i ).A lasso ξ naturally splits into 3.4.Normal Form.We prove a simple normal-form theorem (Lemma 11) for simulation games on OCNs, that essentially states that Spoiler can only win if she forces Duplicator to empty his counter.Definition 10.A OCN N = (Q, Act, δ) is complete if for every state p ∈ Q and every action a ∈ Act, there exists at least one transition (p, a, d, q) ∈ δ.It is non-blocking if none of its processes is a deadlock, i.e., if for every state p ∈ Q there is some transition (p, a, d, q) ∈ δ with d ∈ {0, 1}.
A pair N , N of OCNs is in normal form if N is non-blocking and N is complete.
Lemma 11.For any two OCNs N = (Q, Act, δ) and N = (Q , Act , δ ), one can compute in logarithmic space a pair M, M of OCNs in normal form with sets of control states Q and S ⊇ Q , respectively, such that for all (q, n, q , n ) ∈ (Q × N × Q × N) and for every ∈ { , } it holds that qn q n w.r.t.N , N ⇐⇒ qn q n w.r.t.M, M .
Proof.We pick a new action label $ ∈ Act and turn N into a non-blocking net M by adding $-labeled cycles with effect 0 to all states: M = (Q, Act ∪ {$}, δ) with δ = δ ∪ {(s, $, 0, s) | s ∈ Q}.To compensate for this, we add $-cycles to all states of N in the same way.To complete the second net, add a sink state L (for "losing"), which has counter-decreasing cycles for all actions, including $ action, and connect all states without outgoing a-transitions to L by a-labeled transitions.Assume Spoiler, playing on N , wins the (weak) simulation game against Duplicator playing on N .In the game on M and M , Spoiler can move according to a winning strategy in the original game and thus force a play ending in a position (pm, p m ) that is immediately winning in the game on N and N , i.e., pm a − − → rl but p m a − − → for some action a.Thus the game on M, M continues in the position (rl, Lm ), which is clearly winning for Spoiler because she can exhaust her opponent's counter and win using finitely many $-moves.
Conversely, if Duplicator wins the (weak) simulation game on N and N this means that each play is either infinite or ends in a position (pm, p m ) where pm a − − → for all actions a.In the game on M and M , the latter case means that Spoiler has no choice but to make $-moves indefinitely, which is losing for her.
Lemma 11 allows us to focus w.l.o.g. on instances of the (weak) simulation problems where the given systems are normalized.In particular, Spoiler cannot get stuck and only loses infinite plays, and Duplicator can only be stuck (and lose the game) if his counter equals zero.Therefore, every branch in any winning strategy for Spoiler ends in a position where Duplicator has counter value 0.

Strong Simulation
In this section we consider strong simulation only and therefore write shortly 'simulation preorder', 'simulation game', etc. instead of strong simulation preorder/game.
Let us fix two OCN N and N , with sets of control states Q and Q , respectively.Following [8,9], we interpret as a 2-coloring of K = |Q × Q | Euclidean planes, one for each pair of control states (q, q ) ∈ Q × Q .As proposed by Jančar and Moller [9], every pair of configurations (qn, q n ) is represented by the unique point (n, n ) on the plane for the pair of control states (q, q ).If qn q n then the point is colored with color-and otherwise with color-.This graphical perspective on the simulation relation is very helpful in many parts of the proof.
The main combinatorial insight of [8] (this was also present in [2], albeit less explicitly) is the so-called Belt Theorem, that states that each such plane can be cut into segments by two parallel lines such that the coloring of in the outer two segments is constant; see Figure 1.We provide a new constructive proof of this theorem, stated as Theorem 13 below, that allows us to derive polynomial bounds on the coefficients of all belts.
points that lie on the half-line defined by (ρ, ρ ) from the origin1 .
For a positive vector (ρ, ρ ) and a number c ∈ R we say that the point (n, n ) ∈ Z × Z is c-above (ρ, ρ ) if there exists some point (r, r ) ∈ R + • (ρ, ρ ) in the direction of (ρ, ρ ) such When c = 0 we omit it and write simply 'below' or 'above'.
Theorem 13 (Belt Theorem).Let N and N be two OCNs in normal form, with sets of states Q and Q respectively and let C ≤ |Q × Q | ∈ N be 1 plus the maximal length of an acyclic path in the product graph of N and N .Then for every pair (q, q ) ∈ Q × Q of states there is a positive vector (ρ, ρ Notice that a point (n, n ) ∈ N 2 is c-below the positive vector (0, 1) iff n > c and that no point in N 2 is c-above this vector.In the particular case of a pair of states (p, p ) with pm p m for all m, m ∈ N, the vertical vector (ρ, ρ ) = (0, 1) satisfies the claim of the Belt Theorem.
Our proof of Theorem 13 can be found in Section 4.2.It is based on a finite abstraction of the simulation game, that we will analyze in the next section.4.1.Slope Games.By Lemma 11 (page 7), we can assume without loss of generality that the pair of OCNs N , N are in normal form (Definition 10).Intuitively, this means that in a simulation game, it is Spoiler's objective to exhaust her opponent's counter.Consequently, her local goal is to maximize the ratio n/n between the counter values along a play.
Consider the product graph of N and N and let K = |Q × Q | be the number of states in this product.If we ignore the actual counter values, any play of the simulation game starting in two processes of N and N respectively, describes a path in this product graph.Moreover, after at most K rounds, a pair of control states is revisited, which means the corresponding path in the product is a lasso.
The effects of cycles in the product will play a central role in our further construction.The intuition is that if a play of a simulation game describes a lasso then both players "agree" on the chosen cycle.Repeating this cycle will change the ratio of the counter values towards its effect.
To formalize this intuition, we define a finitary slope game which proceeds in phases.In each phase, the players alternatingly move on the control graphs of their original nets, ignoring the counter, and thereby determine the next lasso that occurs.After such a phase, a winning condition is evaluated that compares the effect of the chosen lasso's cycle with that of previous phases.Now either one player immediately wins or the effect of the last cycle was strictly smaller than all previous ones and the next phase starts.The number of different effects of simple cycles therefore bounds the maximal number of phases played.Since each phase describes a lasso path in the product this implies a bound on the total length of any play.Definition 14.Let (ρ, ρ ) and (α, α ) be two vectors in R × R and consider the clockwise oriented angle from (ρ, ρ ) to (α, α ) with respect to the origin (0, 0).We say that (α, α ) is behind (ρ, ρ ) if this oriented angle is strictly between 0 • and 180 • .See Fig. 2 for an illustration.
Positive vectors may be naturally ordered: We will call (ρ, ρ  Notice that the property of one vector being behind another only depends on their directions.Also note that "steeper" (the relation ) is only defined for positive vectors.The following simple lemma will be useful in the sequel.
Definition 16.A slope game is a strictly alternating two player game played on a pair N , N of one-counter nets in normal form.The game positions are pairs (π, (ρ, ρ )), where π is an acyclic path in the product graph of N and N , and (ρ, ρ ) is a positive vector called slope.
The game is divided into phases, each starting with a path π = (q 0 , q 0 ) of length 0. Until a phase ends, the game proceeds in rounds like a simulation game, but the players pick transitions instead of steps: in a position (π, (ρ, ρ )) where π ends in states (q, q ), Spoiler chooses a transition t = (q a,d − −− → p), then Duplicator responds with a transition t = (q a,d − −− → p ).If the extended path π = π(t, t )(p, p ) is still not a lasso, the next round continues from the updated position (π, (ρ, ρ )); otherwise the phase ends with outcome (π, (ρ, ρ )).The slope (ρ, ρ ) does not restrict the possible moves of either player, nor changes during a phase.We thus speak of the slope of a phase.
(3) If (α, α ) is behind (ρ, ρ ) and positive, the game continues with a new phase from position (π, (α, α )), where π = target(π) is the path of length 0 consisting of the pair of ending states of π. Figure 3 on the facing page illustrates the winning condition.Note that if there is no immediate winner it is guaranteed that (α, α ) is a positive vector that is behind the slope (ρ, ρ ) of the last phase.The number of different positive vectors that derive from the effects of simple cycles thus bounds the maximal number of phases in the game.
The connection between the slope and simulation games is that the outcome of a slope game from initial position ((q, q ), (ρ, ρ )) determines how the initial slope (ρ, ρ ) relates to the belt in the plane for (q, q ) in the simulation relation.Roughly speaking, if (ρ, ρ ) is less steep than the belt then Spoiler wins the slope game; if (ρ, ρ ) is steeper then Duplicator wins.
Consider a simulation game in which the ratio n/n of the counter values of Spoiler and Duplicator is the same as the ratio ρ/ρ , i.e., suppose (n, n ) is contained in the direction of (ρ, ρ ).Suppose also that the values (n, n ) are sufficiently large.By monotonicity, we know that the steeper the slope (ρ, ρ ), the better for Duplicator.Hence if the effect (α, α ) of some cycle is behind (ρ, ρ ) and positive, then it is beneficial for Spoiler to repeat this cycle.With more and more repetitions, the ratio of the counter values will get arbitrarily close to (α, α ).On the other hand, if (α, α ) is behind (ρ, ρ ) but not positive then Spoiler wins by repeating the cycle until the Duplicator's counter decreases to 0. Finally, if the effect of the cycle is not behind (ρ, ρ ) then repeating this cycle leads to Duplicator's win.
The next lemma follows from the observation that in slope games, the slope of a phase must be strictly less steep than those of all previous phases.Lemma 17.For a fixed pair N , N of OCNs in normal form, (1) any slope game ends after at most (K + 1) 2 phases, and (2) slope games are effectively solvable in PSPACE.
Proof.After every phase, the slope (ρ, ρ ) is equal to the effect of a simple cycle, which must be a positive vector.Thus the absolute values of both numbers ρ and ρ are bounded by K = |Q × Q |.It follows that the total number of different possible values for (ρ, ρ ), and therefore the maximal number of phases played, is at most (K + 1) 2 .Point 2 is a direct consequence as one can find and verify winning strategies by an exhaustive search; polynomial space suffices as the depth of the search is polynomial.
The outcome of a slope game depends only on the effects of simple cycles that are behind the current slope (ρ, ρ ), and not the actual values ρ, ρ .This motivates the following definition.
Definition 18.Consider all the non-zero effects (α, α ) of all simple cycles and denote the set of all these vectors by V .We say that a positive vector (σ, σ ) subsumes a positive vector (ρ, ρ ) when for all (α, α Call (ρ, ρ ) and (σ, σ ) equivalent if they subsume each other.
In particular, all positive vectors lying in the open angle between any two angle-wise We claim that equivalent slopes have the same winner in the slope game.
Proof.A winning strategy in the slope game from ((q, q ), (ρ, ρ )) may be literally used in the slope game from ((q, q ), (σ, σ )).This holds because the assumption that (σ, σ ) subsumes (ρ, ρ ) implies that all possible outcomes of the initial phase of the slope game are evaluated equally.

4.2.
Proof of the Belt Theorem.Consider one phase of a slope game, starting from a position (π, (ρ, ρ )).The phase ends with a lasso whose cycle effect (α, α ) satisfies exactly one of three conditions, as examined by the evaluating function.Accordingly, depending on its initial position, every phase falls into exactly one of three disjoint cases: (1) Spoiler has a strategy to win the slope game immediately, (2) Duplicator has a strategy to win the slope game immediately or (3) neither Spoiler nor Duplicator have a strategy to win immediately.In case (1) or (2) we call the phase final, and in case (3) we call it non-final.The non-final phases are the most interesting ones as there, both Spoiler and Duplicator have a strategy to either win immediately or continue the slope game, i.e., to avoid an immediate loss.
Both in final and non-final phases, a strategy for Spoiler or Duplicator is a tree as described below.For the definition of strategy trees we need to consider not only Spoiler's positions (π, (ρ, ρ )) but also Duplicator's positions, the intermediate positions within a single round.These intermediate positions may be modeled as triples (π, (ρ, ρ ), t) where t is a transition in N from the last state of π.Observe that the bipartite directed graph, with positions of a phase as vertexes and edges determined by the single-move relation, is actually a tree, call it T .Thus a Spoiler-strategy, i.e. a subgraph of T containing exactly one successor of every Spoiler's position and all successors of every Duplicator's position, is a tree as well; and so is any strategy for Duplicator.
Such a strategy (tree) in the slope game naturally splits into segments, each segment being a strategy (tree) in one phase.The segments themselves are also arranged into a tree, which we call a segment tree.Regardless of which player wins a slope game, according to the above observations, this player's winning strategy contains segments of two kinds: • non-leaf segments are strategies to either win immediately or continue the Slope Game (these are strategies for non-final phases); • leaf segments are strategies to win the slope game immediately (these are strategies in final phases).By the segment depth of a strategy we mean the depth of its segment tree.By point 1 of Lemma 17 (page 11), we know that a slope game ends after at most d max = (K + 1) 2 phases.Consequently, the segment depths of strategies are at most d max as well.
Recall the value C defined as the maximal length of a simple cycle in the product graph, i.e., the maximal length of any acyclic path plus 1.The claim of Theorem 13 will easily follow from the following two Lemmas 20 and 21; they state that if a player wins the slope game, an excess of counter value of C is sufficient to be able to safely "replay" a winning strategy in the simulation game.
Proof.(Informally) a position in the slope game contains a positive vector (ρ, ρ ), while a position in the simulation game contains a pair (m, m ) ∈ N × N of counter values, that can also be interpreted as a positive vector.The crucial idea of the proof is to consider the segments of the supposed winning strategy in the slope game separately.Each such segment is a strategy for one phase and as such, describes how to move in the simulation game until the next lasso is observed.Afterwards, Spoiler can choose to continue playing according to the next lower segment, or "roll back" the cycle and continue playing according to the current segment.By the rules of the slope game we observe that after sufficiently many such rollbacks the difference between the ratio m/m of the actual counters and the slope of the next lower segment is negligible, i.e., these vectors are equivalent in the sense of Definition 18 on page 12.Then, Spoiler can safely continue to play according to the next lower segment.
To safely play such a strategy in the simulation game, Spoiler needs to ensure that her own counter does not decrease too much as that could restrict her ability to move.We observe however, that any partial play that "stays in some segment" can be decomposed into a single acyclic prefix plus a number of cycles.Such a play therefore preserves the invariant that all visited points are below the slope of the phase.In particular, this means that Spoiler's counter is always ≥ 0.
(Formally) the proof of Lemma 20 proceeds by induction on the segment depth d of the assumed winning strategy in the slope game.
Case d = 1.This means that Spoiler has a strategy to win the slope game in the first phase, and hence to enforce that the effect of all cycles is behind (ρ, ρ ) but not positive.Denote this strategy by σ.In the simulation game Spoiler will re-use this strategy as we describe below.At every position (qn, q n ) in the simulation game Spoiler keeps a record of the corresponding position (π, (ρ, ρ )) in the slope game enforcing the invariant that (q, q ) are the ending states of the path π.
From the initial position (pm, p m ) with corresponding position ((p, p ), (ρ, ρ )), Spoiler starts playing the simulation game according to σ, until the path in the corresponding position of the slope game say π 1 , describes a lasso (this must happen after at most C rounds).Thus π 1 splits into: )) be the effects of α 1 and β 1 , respectively.The current values of counters are clearly assuming that the play did not end by now with Spoiler's win.As the length of path π 1 is at most C and (m, m ) is assumed to be C-below (ρ, ρ ), we know that all positions visited by now in the simulation game were below (ρ, ρ ).In particular, Spoiler's counter value was surely non-negative by now.Now Spoiler "rolls back" the cycle β 1 , namely changes the corresponding position in the slope game from (π 1 , (ρ, ρ )) to (α 1 , (ρ, ρ )) and continues playing according to σ.The play continues until Spoiler wins or the path in the corresponding position of the slope game say π 2 , is a lasso again.Again, we split the path into an acyclic prefix and a cycle: Denote the respective effects by (a 2 , a 2 ) and (b 2 , b 2 ).A crucial but simple observation is that, assuming that the play did not end by now with Spoiler's win, the current values of counters are now ) i.e. the effect (a 1 , a 1 ) of the prefix α 1 of the previous lasso does not contribute any more.As (b 1 , b 1 ) is behind (ρ, ρ ) we may apply Lemma 15 (page 10) to (b 1 , b 1 ) with c = 0 in order to deduce, similarly as before, that all positions by now were below (ρ, ρ ).Now Spoiler rolls back β 2 by establishing (α 2 , (ρ, ρ )) as the new corresponding position in the slope game.Continuing in this way, after k rollbacks the counter values are: assuming that Spoiler did not win earlier.All the effect-vectors (b i , b i ) and thus also the sum are behind (ρ, ρ ), hence similarly as before all positions by now have been below (ρ, ρ ), by Lemma 15 applied to the vector (4.10) above.This in particular means that Spoiler's counter remains non-negative.However, as by assumption all observed cycles come from a final segment in her slope game strategy, the vector (4.10) cannot be positive for any k.Thus, every rollback strictly decreases Duplicator's counter value.We conclude that after sufficiently many rollbacks, Duplicator's counter will reach 0 and the game will end in a position immediately winning for Spoiler.
Case d > 1.By assumption, Spoiler has a strategy with segment depth d to win the slope game.As before, we prescribe a strategy for her in the simulation game that will re-use her slope game strategy using rollbacks.
Spoiler plays according to the initial segment of this strategy, that allows her to win or at least guarantee that the effect of the first observed lasso's cycle is less steep than (ρ, ρ ).After some rollbacks, the counter values will be of the form: where the absolute values of a and a are at most C, the vectors (c i , c i ) are behind (ρ, ρ ) and positive, and the vectors (b i , b i ) are behind (ρ, ρ ) and non-positive.We apply Lemma 15 and obtain that all the positions so far have been below (ρ, ρ ).
In general Spoiler has no power to choose whether the effect of the cycle at the next rollback is positive or not.However, if from some point on all effects are non-positive then Duplicator's counter eventually drops below 0 and Spoiler wins.Thus w.l.o.g.we focus on positions in the simulation game immediately after a rollback of a cycle with positive effect.Using the notation from (4.11), suppose (c k , c k ) is the effect of the last rolled back cycle.In order to apply the induction assumption we need the following claim.The intuition is that after sufficiently many rollbacks the vector (n, n ) will fall arbitrarily close to being C-below some vector (c i , c i ).Recall the relation of subsumption between positive vectors introduced in Definition 18 (page 12).
Claim 1.After sufficiently many rollbacks the vector (n, n ) of counter values in the simulation game is C-below some vector (γ, γ ) which subsumes the positive effect (c k , c k ) of the last rolled back cycle.
Proof.Simple geometric reasoning.Let (ρ 0 , ρ 0 ) be the current slope of the phase in the slope game and let (ρ 1 , ρ 1 ) (ρ 2 , ρ 2 ) . . .(ρ k , ρ k ) be the possible outcomes of the phase if Spoiler plays according to the assumed strategy.Since the strategy is winning in the slope game, (ρ 0 , ρ 0 ) is steeper than all of them: (ρ 0 , ρ 0 ) (ρ 1 , ρ 1 ).As mentioned in Remark 3, for every (ρ i , ρ i ) there exists a value i > 0 such that (ρ 1 , ρ 1 ), after a finite number of rollbacks the pair of counter values in the simulation game must describe a positive vector that is C-below (γ, γ ) = (ρ 1 − 1 , ρ 1 + 1 ).Since the effects of all possible outcomes of the phase are behind this vector, Lemma 15 implies that from now on, the counter-values after a rollback are C-below (γ, γ ).Now we consider two cases.If eventually a cycle with effect (ρ 1 , ρ 1 ) is rolled back, the claim holds since (γ, γ ) subsumes it.Otherwise, no cycle with effect (ρ 1 , ρ 1 ) is ever rolled back again.In this case the whole above argument can be repeated for the next positive vector (ρ 2 , ρ 2 ), and so on.An induction on the number k of possible outcomes then shows the claim.
Let (qn, q n ) be a position of the simulation game satisfying the claim.We know that Spoiler has a winning strategy in the slope game from ((q, q ), (c k , c k )), of segment depth at most d − 1.Because (γ, γ ) subsumes (c k , c k ), we apply Lemma 19 (page 12) to know that the same strategy is winning in the slope game from ((q, q ), (γ, γ )).By the induction assumption we conclude that Spoiler wins the simulation game from (qn, q n ), which completes the proof of Lemma 20.
Lemma 21.If Duplicator wins the slope game from a position ((p, p ), (ρ, ρ )) then Duplicator wins the simulation game from every position (pm, p m ) which is C-above (ρ, ρ ).
Proof.Building again on the concept of rollbacks, we prescribe a winning strategy for Duplicator in the simulation game that is based on the assumed winning strategy σ in the slope game.Intuitively, Duplicator's strategy in the simulation game consists of two parts: first he plays according to σ until a leaf segment is reached, and then continues to play according to this segment using rollbacks.Since d max = (K + 1) 2 bounds the maximal number of segments in σ and every path in a segment is no longer than C, we know that an offset of d max • C is sufficient to ensure that some position in a leaf segment can be reached.
We can accelerate this strategy, allowing forward jumps: Duplicator starts to play according to the initial segment of σ at height d.At any given position in a segment at height h, Duplicator first checks if the same pair of control states appears in a segment at a lower height h < h.If such a position exists, Duplicator continues to play from there, otherwise he plays as prescribed by the current position.See Fig. 4 below for an illustration.If Duplicator plays as described above, he guarantees that no control states are repeated unless he is already in a leaf segment T .Moreover, as T itself is a winning strategy in the slope game for some slope (ϕ, ϕ ), he can enforce that the effects (∆(β), ∆ (β)) of the cycles β of all observed lassos are not behind (ϕ, ϕ ).Let π be an arbitrary play of the simulation game, in which Duplicator plays as above using forward jumps, and then uses rollbacks according to the segment T .The effects of π can be decomposed as where α is prefix and β i are simple cycles with effect-vector not behind (ϕ, ϕ ).Because Duplicator uses forward jumps as soon as possible, we know that no pair of states visited before entering T can be contained in T , and thus α is acyclic.The initial pair of counter values (m, m ) is C-above (ρ, ρ ) and thus also C-above (ϕ, ϕ ) because (ϕ, ϕ ) (ρ, ρ ).As |α| ≤ C, we know that (m, m ) + (∆(α), ∆ (α)) is above (ϕ, ϕ ).Moreover, as all the effects of all β i are not behind (ϕ, ϕ ), their sum i≤k (∆(β i ), ∆ (β i )) is also not behind (ϕ, ϕ ).Using part 2 of Lemma 15 we get that (n, n ) = (m, m ) + (∆(π), ∆ (π)) is still above (ϕ, ϕ ).This in particular means that Duplicator's counter value n remains non-negative.Since π was arbitrary, this shows that Duplicator can prevent his counter from ever decreasing below 0 and thus enforce an infinite play and win.
Assume a pair N , N of OCNs in normal form.For two states q ∈ Q and q ∈ Q we will determine the ratio (ρ, ρ ) that, together with C, characterizes the belt of the plane (q, q ).First observe the following monotonicity property of the slope game.
Recall the equivalence of positive vectors introduced in Definition 18 (page 12), based on the set V of ratios of simple cycles.Two vectors are equivalent if the same vectors from V are behind both of them.Lemma 19 states that the outcome of a slope game from a fixed pair of states is the same for equivalent initial slopes.
We conclude that the slope (β, β ) of any belt must be the effect of a simple cycle of the product graph.Such paths are no longer than C and because along a path of length C the counter values cannot change by more than C, we get that β, β ≤ C as well.4.3.Locality.Simulation preorder enjoys a certain locality property due to the simulation condition.Intuitively, the outcomes of all possible successor positions after one round of the simulation game determine the outcome of the game.For OCNs, this can be stated as a precise geometric property.Whether or not one process simulates another is completely determined by their control states and the coloring of its surrounding pairs.
The R-neighborhood of (m, m ) determines the coloring of R on all points surrounding (m, m ).Observe that there are at most 3 |Q×Q |•3•3 different neighborhoods.The ⊥-values ensure that if two points (m, m ) and (n, n ) in N 2 have the same neighborhood, then they have the same relative position to the axes, i.e., m = 0 ⇐⇒ n = 0 and m = 0 ⇐⇒ n = 0.
We can now precisely state what we mean with the locality of simulation on OCA.
Proof.Suppose that Duplicator wins the simulation game from (pm, p m ).For every move pm a − − → qm + l in the game from (pm, p m ), Duplicator has a response p m a − − → q m + l such that qm + l q m + l .Due to the assumption that -neighborhoods of (m, m ) and (n, n ) agree on every (q, q , l, l ) = (p, p , 0, 0), we learn that for every move pn a − − → qn + l in the game from (pn, p n ), Duplicator has a response p n a − − → q n + l such that either qn + l q n + l , or (q, q , l, l ) = (p, p , 0, 0).This proves that Duplicator wins the simulation game from (pn, p n ), as required.
Since the simulation condition for a pair of processes depends only on their neighborhood, we can locally verify that some finite coloring is not self-contradictory.Moreover, if a relation on the configurations of two OCN is not a simulation, then this is witnessed locally by some inconsistent neighborhood.
Proof.The condition implies that R satisfies the simulation condition: Pick any (pm, p m ) ∈ R and let n, n ∈ N such that NH 4.4.Characterizing Strong Simulation Preorder.We follow here the approach presented in [8] to turn the Belt Theorem into a working algorithm.The idea is to guess and verify a description of in terms of belts and local colorings on-the-fly.Due to the polynomial bounds on the width of belts stated in Theorem 13, such a procedure requires polynomial space.Consider two OCN N and N in normal form, with sets of control states Q and Q , respectively and let C ≤ |Q × Q | be the maximal length of an acyclic path in their product plus 1, as used in Theorem 13.
For convenience, we will write (pm, p m Definition 26.The slope of a pair (p, p ) ∈ Q × Q of control states, is the positive vector slope(p, p ) = (ρ, ρ ) satisfying the claim of the Belt Theorem.The belt with slope (ρ, ρ ) is the set of points (n, n ) ∈ N 2 which are neither C-above nor C-below (ρ, ρ ).The extended belt is the relation belt Recall that simulation preorder on the configurations with control states p and p is trivially outside of belt(p, p ): it contains all pairs (pm, p m ) such that (m, m ) is C-above slope(p, p ), and contains no pairs (pm, p m ) where (m, m ) is C-below slope(p, p ).We show (Lemma 28) that the non-trivial part is repetitive in the sense defined in Definition 27 below.Essentially, one can cut through the belt at two levels n 1 , n 2 ∈ N such that the coloring of belt(p, p ) above level n 2 repeats the (finite) coloring between n 1 and n 2 indefinitely.This implies that p,p and hence also are semilinear, and each p,p can be represented by the finite coloring up to level n 2 .This is already enough to decide strong simulation, and to compute a representation of the maximal simulation, since one can enumerate candidate relations R ⊆ (Q × N × Q × N) that are represented in this way and check that they satisfy the simulation condition.
Due to the polynomial bounds on the width and the slopes of belts provided by Theorem 13, we can further bound the cut-levels n 1 , n 2 and thus the representation of periodic candidate relations, exponentially in the size of the input nets.The crucial idea for deciding strong simulation in polynomial space is that one can stepwise guess and locally verify the coloring of a (extended) belt by shifting a polynomially bounded window along the belt.
By Theorem 13, we know that coefficients ρ and ρ of any slope slope(p, p ) = (ρ, ρ ) are bounded by C. Consequently, there are at most C 2 different slopes and belts and apart from vertical and horizontal slopes (those with ρ = 0 or ρ = 0 respectively), the maximally and minimally steep (cf.Definition 14 on page 10) possible slopes are (1, C) and (C, 1) respectively.We can therefore find polynomially bounded l 0 , l 0 ∈ N such that belts are pairwise disjoint outside the initial rectangle L 0 between corners (0, 0) and (l 0 , l 0 ).For technical convenience we assume w.l.o.g. that only horizontal belts (those with slope(p, p ) = (n, 0) for some n) cross the vertical border of L 0 .This can always be achieved by extending L 0 , if necessary.
By our definition of belts, shifting a point along the vector slope(p, p ) preserves membership in belt(p, p ), i.e., for every (qn, This is why we restrict our focus to multiples of vectors slope(p, p ).
Definition 27.Fix a pair (p, p ) ∈ Q × Q and j, k ∈ N and let l 0 , l 0 ∈ N define the initial rectangle L 0 discussed above.We write rect(p, p , j) for the rectangle between corners (0, 0) and (l 0 , l 0 ) + j • slope(p, p ).A subset R ⊆ belt(p, p ) is called (j, k)-ultimately-periodic if for all (n, n ) ∈ N 2 \ rect(p, p , j) and every (q, q ) One can represent a (j, k)-ultimately-periodic set R by the two numbers n 1 = l 0 + j • ρ and n 2 = n 1 + k • ρ and two finite sets This in particular means that R is semilinear, where the left subset above forms the bases, and the only period is always slope(p, p ).We continue to show that the non-trivial part p,p of the coloring of simulation is such a (j, k)-ultimately periodic set for every pair (p, p ) of states.Lemma 28.For every pair (p, p ) ∈ Q × Q , the set p,p is (j, k)-ultimately periodic for some j, k ∈ N exponentially bounded in C.
Proof.Fix states p, p and let (ρ, ρ ) = slope(p, p ). W.l.o.g.suppose that slope(p, p ) is positive and belt(p, p ) therefore intersects the horizontal border of L 0 (if the belt is horizontal and intersects the vertical border of L 0 the proof is analogous).By a cross-section at level n we mean the set of all points in belt(p, p ) on a horizontal line at that level, i.e., {(qn, qn ) ∈ belt(p, p ) | n ∈ N}.We say that two cross-sections s 1 and s 2 are equal if one of them is obtained by a shift of the other by a multiple of slope(p, p ) = (ρ, ρ ) and moreover, the -neighborhoods of any two corresponding points are the same.Formally, we require that for some k ∈ N, (1) Notice that there are at most 2 K•W pairwise different colorings for any cross-section, where K = |Q × Q | and W is the maximal width of a belt.By our definition of neighborhoods, two cross-sections are equal only if their coloring agrees and the same is true for the (pairs of) cross-sections directly above and below.This means that in total, there are no more than 2 K•W •3 pairwise different cross-sections for a given belt.
We choose two equal cross-sections at levels n 1 and n 2 respectively, such that n 1 = l 0 +j•ρ and n 2 = n 1 + k • ρ for some j, k ∈ N.That is, we demand that l 0 < n 1 < n 2 and the respective offsets are divisible by the vertical offset ρ of slope(p, p ).By our observation above it is safe to assume that both j and k are bounded exponentially in C.
Based on n 1 and n 2 , we decompose p,p into finite segments.To this end, first extend n 1 and n 2 to an infinite progression n 1 , n 2 , n 3 , . . .where n i+1 = n i + k • ρ for i ≥ 1.Now let A be the restriction of p,p to the area below n 1 and for any i ≥ 1, let P i be the restriction of p,p to the area between n i and n i+1 (see Fig. 5): We now show that p,p = A ∪ P * 1 , where That is, apart from the initial fragment A, the coloring of p,p is actually an infinite repetition of a finite coloring P 1 along the belt: P i+1 = P i + k • slope(p, p ).This implies the claim of the lemma, since A ∪ P * 1 is clearly (j, k)-ultimately periodic.The proof of Eq. (4.17) strongly relies on the locality of the simulation condition (Lemma 25 on page 18).
For the first inclusion (A ∪ P * 1 ⊆ p,p ) we show that the relation R = ( \ p,p ) ∪ ( A ∪ P * 1 ) (4.18) obtained from by replacing p,p with A ∪ P * 1 , is a simulation.Recall that n 1 and n 2 were chosen sufficiently high (above the initial rectangle L 0 ) such that any two different belts are disjoint.This means that the R-neighborhood of any point in P i for some i > 1 is the same as the R-neighborhood and hence also the -neighborhood of the corresponding point in P 1 .By Lemma 25, this means that R is a simulation and since is the largest simulation, the claimed inclusion follows.
It remains to show the other inclusion (A ∪ P * 1 ⊇ p,p ).Assume the contrary.We already know that A ∪ P * 1 ⊆ p,p , so we must have P 1 + i • k • slope(p, p ) P i for some i > 1.Since P i ⊆ p,p is part of the coloring of simulation , it is clearly locally consistent.This means if we replace P 1 with the coloring according to P i , we again derive a consistent coloring.Formally, we let P = P i + i • (−k) • slope(p, p ) and replace p,p with A ∪ P * in the coloring of .Similar to the first case, the resulting relation is a simulation due to the locality of the simulation condition.This implies that P 1 P ⊆ p,p , which means that there exists some point (qn, q n ) ∈ p,p \ P 1 with n 1 ≤ n < n 2 .This contradicts the definition of P 1 as the set of points (qn, q n ) in p,p with n 1 ≤ n < n 2 .
Lemma 28 implies that the largest strong simulation is not only semilinear, but also its nontrivial part p,p p,p is the finite union of (j, k)-ultimately periodic sets, for exponentially bounded j, k.It therefore admits an EXPSPACE representation that consists, for every pair of states (p, p ), of: • a polynomially bounded vector (ρ, ρ ) = slope(p, p ) • exponentially bounded natural numbers n 1 , n 2 ∈ N • two exponentially bounded relations: Assume w.l.o.g. that in descriptions of the above form, the coefficients n 1 and n 2 are the same for all pairs (p, p ) with the same slope(p, p ).This is a safe assumption as the least common multiples of the respective values are still exponentially bounded.
The above characterization immediately leads to a naïve exponential-space algorithm for checking strong simulation for pairs of OCNs in normal form: Guess the description of a candidate relation R for the simulation relation, verify that it is a simulation and check if it contains the input pair of configurations.
Checking whether the input pair is in the (semilinear) relation R is trivial.To verify that the relation R is a simulation, one needs to check the simulation condition for every pair of configurations (qn, q n ) in R.But due to the particular periodic structure of the candidate relation and the locality of simulation (Lemma 24 on page 18), it suffices to locally verify the finite initial and periodic parts for every pair of control states.
A PSPACE procedure.The naïve algorithm outlined above may easily be turned into a PSPACE algorithm by a window shifting trick.Instead of guessing the complete exponentialsize description upfront, we start by guessing the polynomially bounded relation inside L 0 and verifying it locally.Next, the procedure stepwise guesses parts of the relations aperiodic and later periodic, inside a polynomially bounded rectangle window through the belt and shifts this window along the belt, checking the simulation condition for all contained points along the way.Since the simulation condition is local, everything outside this window may be forgotten, save for the first repetitive window that is used as a certificate for successfully having guessed a consistent periodic set, once it repeats.By Lemma 28, this repetition needs to occur after an exponentially bounded number of shifts.Therefore, polynomial space is sufficient to store a binary counter that counts the number of shifts and allows to terminate unsuccessfully once the limit is reached.
We summarize our findings as the theorem below.
Theorem 29.Checking strong simulation preorder between two OCNs is in PSPACE.Moreover, the maximal simulation relation is semilinear and can be represented in space exponential in the number of states of the input nets.

Weak Simulation
We now turn to the problem of checking if weak simulation holds between two OCNprocesses.This problem was shown to be decidable in [7] and later PSPACE-complete [6].We provide here a unified presentation of the argument for its decidability and the subsequent improvement to PSPACE.
The main obstacle is that, with respect to weak steps, Duplicator's system is infinitelybranching.This implies that non-simulation does not necessarily manifest itself locally, i.e., the weak simulation condition is not local in the sense discussed in Section 4.3.Our approach is based on a generalization of simulation approximants, which we will recall below.
Definition 30 (Approximants).Take two labeled transition systems with sets of configurations S and S , respectively.Strong simulation approximants α with respect to S, S are inductively defined for all ordinals α ∈ Ord : (1) 0 = S × S is the full relation.
(2) s α+1 s holds if for all s a − − → t there is a step s a − − → t such that t α t .
(3) For limits λ, let λ = α<λ α .Weak simulation approximants α are defined as above, where we replace (2) by the weak simulation condition: s α+1 s iff for all s a − − → t there is a step s a = = ⇒ t with t α t .
One can show (see e.g.[13,Chapter 10.4] for an argument for bisimulation approximants) that regardless of the given LTSs S and S it holds that = α∈Ord α (5.1) In particular this means that for fixed S, S there exists some convergence ordinal γ with = γ .Moreover, if S is a finitely branching LTS (each configuration has finitely many successors), then convergence happens at most at the first limit ordinal.In this case, if s s then already s k s at some finite level k ∈ N. It is this finite convergence property that fails in the case of weak simulation for LTS defined by one-counter nets, as the example below demonstrates.
Example 31.Consider the simple process A a , that can only loop on action a, and the OCN depicted below.
We see that A Cn and A n+1 Cn hold for every n ∈ N.Moreover, there is a weak step B0 a = = ⇒ Cn for every n ∈ N and therefore A ω B0.Still, it holds that A ω+1 B0 because there is no weak a-step from B0 a process α that satisfies A ω α.It follows that ω = ω+1 .We will later show (as Theorem 49 on page 36) that convergence of weak simulation approximants on OCN can only be guaranteed at level ω 2 .
We resolve this problem in two steps.First, the weak simulation problem between OCNs is reduced to a strong simulation problem between a OCN and a slightly generalized model that we call ω-nets, and that symbolically captures infinite branching.In ω-nets, there exist dedicated transitions with symbolic effect ω, which allow to arbitrarily increase the counter in a single step.Secondly, this new strong simulation problem is solved using a novel kind of approximant sequence, that is derived from the representation of Duplicator's system.It is shown that this sequence converges at a finite index and that individual approximant relations are effectively computable semilinear sets.In particular, knowing the representation of the approximant at level k, one can characterize the approximant at the next level k + 1 in terms of strong simulation over suitably modified OCNs, which is an effectively computable semilinear set by Theorem 29.A description of the weak simulation preorder can therefore be computed by successively computing the approximant relations and stopping once convergence is detected.This procedure is effective because the semilinear approximants are guaranteed to converge to at some finite level and equality is decidable for semilinear sets.
The remainder of the section is organized as follows.In Section 5.1, ω-nets are introduced and the reduction theorem (Theorem 33) is proved.Section 5.2 presents the key idea behind the inductive procedure that follows.In Section 5.3 we recover a technical detail about the computability of certain belts in strong simulation games between OCNs.In Section 5.4 we introduce and discuss approximants and show that they converge to weak simulation at some finite level.The main iterative construction to compute representations of approximants is described in Section 5.5.Finally, in Section 5.6, we make a closer analysis of the complexity of this procedure.

ω-Nets.
Definition 32.An ω-net N = (Q, Act, δ) is given by a finite set of control states Q, a finite set of actions Act and transitions A path in N is a sequence π = p 0 t 1 p 1 t 2 . . .t k p k such that t i = (p i−1 , a i , d i , p i ) for every 1 ≤ i ≤ k.We write λ(π) = a 1 a 2 . . .a k ∈ Act * for the sequence of actions it induces and |π| = k for its length.The effect ∆(π) of such a path is the minimum of ω and 1≤i≤k d i .Its guard is Γ(π) = − min{∆( i π) | i ≤ k}, where i π denotes the prefix p 0 t 1 p 1 t 2 . . .t i p i of π of length i.We call a path empty if k = 0.
Observe that the effect of a path is ω iff it contains at least one ω-transition.Otherwise the effect is bounded by the length of the path.Moreover, the guard of a path π equals the guard of its longest prefix without ω-transitions and therefore satisfies 0 ≤ Γ(π) ≤ |π|.
Every one-counter net is an ω-net without ω-transitions.Unlike one-counter nets, ω-nets can yield infinitely branching transition systems, since each ω-transition (p, a, ω, q) induces steps pm a − − → qn for any two naturals n > m.We observe that, just like one-counter nets, ω-nets are monotone in the sense of Lemma 8 (page 6): This means that pm p m implies pn p n for n ≤ m, n ≥ m .
The following theorem justifies our focus on strong simulation games where Duplicator plays on an ω-net process.It shows that checking weak simulation between two OCN processes can be reduced to checking strong simulation between a one-counter net process and an ω-net process.
Theorem 33.For two OCNs N and N with sets of control states Q and Q , respectively, one can in polynomial time construct a OCN M with control states M ⊇ Q and an ω-net M with control states M ⊇ Q such that qn q n w.r.t.N , N iff qn q n w.r.t.M, M (5.3) holds for each pair q, q ∈ Q × Q of original control states and all n, n ∈ N.
The idea of the proof is to look for counter-increasing cyclic paths via τ -labeled transitions in the control graph of N and to introduce ω-transitions accordingly.For any path that reads a single visible action and visits a 'generator' state that is part of a silent cycle with positive effect, we add an ω-transition.For all of the finitely many non-cyclic paths that read a single visible action we introduce direct transitions.
The remainder of this section is devoted to proving Theorem 33.All further definitions in this section are only relevant locally.Formally, the proof of Theorem 33 will be done in two steps.First (Lemma 36), we reduce weak simulation for one-counter nets to strong simulation between a one-counter net and yet another auxiliary model called guarded ω-nets.These differ from ω-nets in that each transition may change the counter by more than one and is explicitly guarded by an integer, i.e., it can only be applied if the current counter value exceeds the guard attached to it.In the second step (Lemma 37) we normalize the effects of all transitions to {−1, 0, 1, ω} and eliminate all integer guards and thereby construct an ordinary ω-net for Duplicator.Definition 34.A guarded ω-net N = (Q, Act, δ) is given by finite sets Q and Act of control states and actions resp., and a transition relation Specifically, N is an ω-net if g = 0 and d ∈ {−1, 0, 1, ω} for all transitions (p, a, g, d, q) ∈ δ.The next construction establishes the connection between weak similarity of one-counter nets and strong similarity between OCN and guarded ω-net processes.In order to avoid confusion we write − − → N and = = ⇒ N for (weak) steps in the system N .
Lemma 35.For any OCN N = (Q, Act, δ) one can effectively construct a guarded ω-net G = (Q, Act, γ) such that for all a ∈ Act, (1) whenever pm Proof.The idea of the proof is to introduce direct transitions from one state to another for any path between them that reads exactly one visible action and does not contain silent cycles.
For two states s, t of N , let D(s, t) be the set of direct (i.e., acyclic) paths from s to t and let SD(s, t) denote the subset of silent direct paths SD(s, t) = {π ∈ D(s, t) | λ(π) ∈ {τ } * } from s to t.Every path in D(s, t) has acyclic prefixes only and is therefore bounded in length by |Q|.Hence D(s, t) and SD(s, t) are finite and effectively computable for all pairs (s, t).
To prove the first part of the claim, assume pm a = = ⇒ N qn.By definition of weak steps, there must be a path π = π 1 (s, a, d, s )π 2 with λ(π 1 ), λ(π 2 ) ∈ {τ } * .Suppose both π 1 and π 2 do not contain cycles with positive effect.Then there must be paths π 1 ∈ SD(p, s), π 2 ∈ SD(s , q) with Γ(π i ) ≤ Γ(π i ) and ∆(π i ) ≥ ∆(π i ) for i ∈ {1, 2} that can be obtained from π 1 and π 2 by removing all simple cycles with effects less or equal 0. So G contains a transition (p, a, g , d , q) for some g ≤ m and d ≥ n − m and hence pm Alternatively, either π 1 or π 2 contains a cycle with positive effect.Note that for any such path, another path with lower or equal guard exists that connects the same states and contains only one such counter-increasing simple cycle: If π 1 contains a simple cycle with positive effect, there is a path π1 = π 1 π 1 π 1 from p to s, where π 1 , π and π 1 are direct and ∆(π 1 ) > 0 for the cycle π 1 ∈ SD(t, t) for some state t.In this case, G contains an ω-transition (p, a, g, ω, q) with g = Γ(π 1 π 1 ).Similarly, if π 2 contains a counter-increasing cycle, there is a π2 = π 2 π 2 π 2 , with π 2 ∈ SD(s , t), π 2 ∈ SD(t, t), π 2 ∈ SD(t, q) and ∆(π 2 ) > 0. This means there is a transition (p, a, g, ω, q) in G with g = Γ(π 1 (s, a, d, s )π 2 π 2 ).In both cases, g ≤ Γ(π) ≤ m and therefore pm a − − → G qi for all i ≥ m.For the second part of the claim, assume pm a − − → G qn.This must be the result of a transition (p, a, g, d, q) in G for some g ≤ m.In case d = ω, there is a path π from p to q with ∆(π) = n − m, λ(π) ∈ {τ } * {a}{τ } * and Γ(π) = g that witnesses the weak step pm a = = ⇒ N qn in N .Otherwise, if d = ω, there must be a path π = π 11 π 12 π 13 (s, a, d, s )π 21 π 22 π 23 from p to q in N where Γ(π) ≤ m, all π ij are silent and direct and one of π 12 and π 22 is a cycle with strictly positive effect.This implies that one can "pump" the value of the counter higher than any given value.Specifically, there are naturals k and j such that the path π = π 11 π k 12 π 13 (s, a, d, s )π 21 π j 22 π 23 from p to q satisfies Γ(π ) ≤ Γ(π) ≤ m and ∆(π ) ≥ m−n.Now π witnesses the weak step pm a = = ⇒ N qn in N for an l ≥ n. − − → G q n for some n ∈ N so that qn N ,G q n .By Lemma 35 part 2, p m a = = ⇒ N q l for some l ≥ n .Since simulation is monotonic (point 2 of Lemma 8), we know that also qn N ,G q l.Similarly, for the "only if" direction, one can use the first claim of Lemma 35 to check that N ,N is a strong simulation w.r.t.N ,G .
Lemma 37.For a one-counter net N and a guarded ω-net G with sets of control states Q and Q one can effectively construct a one-counter net M and an ω-net M with sets of control states M ⊇ Q and M ⊇ Q respectively, such that for any two configurations qn, q n of N and G , qn q n w.r.t.N , G ⇐⇒ qn q n w.r.t.M, M . (5.5) Proof.We first observe (see also Remark 4) that for any transition of the guarded ω-net G , the values of its guard is bounded by some constant.The same holds for all finite effects.Let Γ(G ) be the maximal guard and ∆(G ) be the maximal absolute finite effect of any transition of G .The idea of this construction is to simulate one round of the game N vs. G in k = 2Γ(G ) + ∆(G ) + 1 rounds of a simulation game M vs. M .We will replace original steps of both players by sequences of k steps in the new game, which is long enough to verify if the guard of Duplicator's move is satisfied and adjust the counter using transitions with effects in {−1, 0, +1, ω} only.
We use one fresh symbol b / ∈ Act and let the new alphabet be Act = Act ∪ {b}.We transform the net N = (Q, Act, δ) to the one-counter net M = (M, Act, µ) as follows: We see that Now we transform the guarded ω-net G = (Q , Act, δ ) to the ω-net M = (M , Act, µ ).Every original transition will be replaced by a sequence of k transitions that test if the current counter value exceeds the guard and adjust the counter accordingly.The new net M has all states of G plus a chain of k new states for each original transition.
For every transition t = (p, a, g, d, q) in G , we add the following transitions to M .First, to test the guard: ) Now we add transitions to adjust the counter according to d ∈ N ∪ {ω}.In case 0 ≤ d < ω we add In case d < 0 we add In case d = ω we add (5.20) Finally, we allow a move to the new state: (5.21) Observe that every transition in the constructed net M has effect in {−1, 0, +1, ω}.M is therefore an ordinary ω-net.It is straightforward to see that The equation (5.5) now follows from Eqs. (5.10) and (5.22).
Theorem 33 now follows from Lemmas 36 and 37.

5.2.
Outline of the Construction.It remains to show how to solve a strong simulation game between Spoiler, playing on a one-counter net N and Duplicator, playing on an ω-net N .Let us consider the following situation to get a flavor of the reasoning in the remaining part of the Section 5: assume that the structure of N and N guarantees that in any play of a simulation game, at most one ω-step i.e. a step induced by an ω-transition, can be used.Consider a prefix of a play until the ω-step, and let us assume that after this prefix Spoiler's configuration is qn and that the ω-step ends in the configuration with the state q .Observe that Spoiler wins only if n is big enough such that qn is not simulated by q n for any n ∈ N. Otherwise, Duplicator would choose a value n big enough to simulate qn.Moreover, observe that in order to find the minimal n with which Spoiler can win we need to investigate only the simulation preorder between two one-counter nets, since after the ω-step there are no further ω-steps allowed (by our assumption above).Namely, these nets are N and N with all ω-transitions removed.We ask about the belt for q, q .Spoiler wins the remaining play iff (1) this belt is vertical (some n 0 exists with qn 0 q n for all n ) and (2) n is larger than the width of this belt (n is already sufficient).
Assuming that we have calculated n 0 , we can design a gadget which will be substituted instead of the ω-transition in N and which allow to test if the Spoiler's counter value is greater than n 0 .This lets us transform the pair of one-counter net and ω-net into a pair of one-counter nets, in such way that preserves the outcome of all those plays in which at most one ω-step is used.The overall approach is to iterate this procedure, constructing a sequence of onecounter nets that approximate the behavior of the original nets.In Section 5.4 we define the notion of simulation approximants and show that they stabilize at some finite level.In Sections 5.5 and 5.6 we explain how to represent these approximant relations using the idea above, and how efficient this representation is, i.e., how many iterations are necessary.In the next section we briefly go back to strong simulation between one-counter nets, and show how to check the two conditions 1) and 2) above.

Computing Minimal Sufficient Values.
In this section we present that computing the exact width of vertical belts can be done in polynomial space.It will be used in 5.6.Let us write suf (q, q ) for the least value n ∈ N such that qn q n for every n ∈ N and ω if no such value n exists.In terms of the simulation game, this is the minimal initial counter value that is sufficient for Spoiler to win against any initial value for Duplicator if we fix the initial states to q and q .Observe that suf (q, q ) = ω iff the belt for the plane (q, q ) is not vertical.
The following is an easy consequence of Theorem 29, because one can check the simulation problem for selected positions.
Lemma 38.Given OCNs N and N in normal form with sets of control states Q and Q , for any given pair (q, q ) ∈ Q × Q of control states, the value suf (q, q ) can be computed in PSPACE.Moreover, if suf (q, q ) = ω, then it is bounded by C, the maximal length of an acyclic path in the product of N and N .
Proof.By Theorem 13, we can bound the coefficients of the slopes of all belts polynomially.In particular, we know that if (ρ, ρ ) is the slope of some belt then ρ and ρ are both non-negative and no bigger than C ≤ |Q × Q |.The steepest possible such slope that is not vertical (i.e., with ρ > 0) is thus given by the vector (α, α ) = (1, C).
To check if suf (q, q ) = ω we can pick a point (n, n ) that is both C-above (α, α ) and C-below the vertical vector (0, 1) and check if qn q n holds.For instance, n = C + 1 and n = 2(C + 1) 2 is surely such a point.If suf (q, q ) = ω, then the belt for (q, q ) is vertical and by Theorem 13, point 2, we have qn q n .Otherwise, the belt is not vertical and has slope (ρ, ρ ) (α, α ).Then by point 1 of Theorem 13, we must have qn q n .To compute suf (q, q ) ∈ N for a vertical belt recall that by point 1 of Theorem 13, qn q n for all points with n > C. Clearly, this means that suf (q, q ) is bounded by C ≤ |Q × Q |.By Lemma 28, the coloring on this belt must be repetitive from some exponentially bounded level n 0 onwards.By monotonicity, this means that the coloring of the belt must have stabilized at this level already, so that for all n ≥ n 0 , we have qn q n iff n < suf (q, q ).
We can now iteratively check the color of the point (n, n 0 ) for decreasing values n ∈ N, starting with C. By Theorem 29, this can surely be done in polynomial space.The value suf (q, q ) must be the largest value n < C, such that qn q n 0 holds.5.4.Approximants.The basic idea of our procedure for checking simulation between a OCN and an ω-net, and therefore weak simulation between two OCN, is to stepwise compute semilinear over-approximations i ⊇ .For such a procedure to be effective, it is crucial that these approximants converge to at some finite level, i.e., k = k+1 = for some k < ω.Unfortunately, the usual simulation approximants (see Definition 30) do not have this property, as Example 31 (page 23) shows.
We overcome this difficulty by generalizing the notion of α simulation approximants in the case of simulation between one-counter and ω-net processes.This yields approximants that indeed converge at a finite level for any pair of nets.
First we define approximants β α in two (ordinal) dimensions.From the game perspective the subscript α indicates the number of rounds Duplicator can survive and the superscript β denotes the number of ω-steps Spoiler may allow before she loses, where ω-step is a step induced by a ω-transition.For example, qn 2  5 q n holds if Duplicator survives round 5 of the simulation game or makes his second ω-move until then.If not stated otherwise we assume that N = (Q, Act, δ) is a one-counter net and N = (Q , Act, δ ) is an ω-net.
Definition 39.For ordinals α and β, the approximant β α is inductively defined as follows.( Notice that the approximant β+1 α+1 above is defined in terms of both β+1 α and β α .The first condition in its definition asks that if a response is via a ω-step then the resulting pair of processes need to be related by the approximant with reduced superscript β.The second condition is for the case where a response is via a step induced by an ordinary transition.
The approximants α correspond to the usual notion of simulation approximants defined on page 23 and β is a special notion derived from the syntactic peculiarity of ω-transitions present in the game on one-counter vs. ω-nets.
Example 40.Consider the net that consists of a single a-labeled loop in state A and the ω-net with transitions B a,ω This is a variant of the system of Example 31 on page 23, but now we are interested in strong simulation.We see that for any m, n ∈ N, Am n Cn n+1 Am.Moreover, Am ω Bn but Am ω+1 Bn and Am 1 Bn but Am 2 ω+1 Bn and therefore Am 2 Bn.We will further use a game characterization of these approximants, similar to the simulation games that characterize strong simulation.
Intuitively, i is given by a parameterized simulation game that keeps track of how often Duplicator uses ω-steps and in which Duplicator immediately wins if he plays such a step the ith time.It is easy to see that this game favors Duplicator due to the additional winning condition.Hence, ∀i ∈ N, i ⊇ i+1 .With growing index i, this advantage becomes less important and the game increasingly resembles a standard simulation game.Definition 41.An approximant game is played in rounds between Spoiler and Duplicator.Game positions are quadruples (pm, p m , α, β) where pm, p m are configurations of N and N respectively, and α, β are ordinals called step-and ω-counter.In each round that starts in (pm, p m , α, β): • Spoiler chooses two ordinals α < α and β < β, • Spoiler makes a step pm a − − → qn, • Duplicator responds by making a step p m a − − → q n induced by a transition t.If t was an ω-transition then the game continues from position (qn, q n , α, β).Otherwise the next round starts at (qn, q n , α, β) (in this case Spoiler's choice of β becomes irrelevant).If a player cannot move then the other player wins and if α or β becomes 0, Duplicator wins.
Proof.If Duplicator has a winning strategy in the game from (pm, p m , α, β) then he can use the same strategy in the game from (pm, p m , α, β) and maintain the invariant that the pair of ordinals in the game configuration is pointwise smaller than the pair in the original game.Thus Duplicator wins from (pm, p m , α, β).
For the "if" direction we assume pm β α p m and show that Duplicator wins the game from (pm, p m , α, β).In the base case of α = 0 or β = 0 Duplicator directly wins by definition.By induction hypothesis we assume that the claim is true for all pairs dominated by (α, β).Spoiler starts a round by picking ordinals α < α and β < β and moves pm a − − → qn.We distinguish two cases, depending on whether β is a limit or successor ordinal.
Case 1. β is a successor ordinal.By Lemma 42, we can safely assume that β = β − 1.By our assumption pm β α p m and Definition 39, there must be a response p m a − − → q n that is either due to an ω-transition and then qn β α q n or due to an ordinary transition, in which case we have qn β α q n .In both cases, we know by the induction hypothesis that Duplicator wins from this next position and thus also from the initial position.
Case 2. β is a limit ordinal.By pm β α p m and Definition 39, we obtain pm γ α p m for all γ < β.If α is a successor ordinal then, by Lemma 42, we can safely assume that α = α − 1.Otherwise, if α is a limit ordinal, then, by Definition 39, we have pm γ α p m for all α < α and in particular pm γ α+1 p m .So in either case we obtain pm γ α+1 p m for all γ < β. (5.24) If there is some ω-step that allows a response p m a − − → ω q n that satisfies qn β α q n , then Duplicator picks this response and we can use the induction hypothesis to conclude that he wins the game from the next position.Otherwise, if no such ω-step exists, Eq. (5.24) implies that for every γ < β there is a response to some q n via a step induced by a non-ω-transition t(γ) and that satisfies qn γ α q n .Since β is a limit ordinal, there exist infinitely many γ < β.By the pigeonhole principle, there must be one transition that occurs as t(γ) for infinitely many γ, because there are only finitely many transitions in the net.Therefore, a response via a step induced by this particular transition satisfies qn β α q n .If Duplicator uses this response, the game continues from position (qn, q n , α, β) and he wins by induction hypothesis.
For the "only if" direction we show that pm β α p m implies that Spoiler has a winning strategy in the approximant game from (pm, p m , α, β).In the base case of α = 0 or β = 0 the implication holds trivially since the premise is false.By induction hypothesis, we assume that the implication is true for all pairs dominated by (α, β).Observe that if α or β are limit ordinals then (by Definition 39) there are successor ordinals β ≤ β and α ≤ α such that pm β α p m .So without loss of generality we can assume that α and β are successor ordinals.By the definition of approximants there must be a move pm a − − → qn such that • for every response p m a − − → ω q n that uses some ω-step we have qn β−1 α−1 q n , • for every response p m a − − → q n via some step induced by not ω-transition it holds that qn β α−1 q n .So if Spoiler chooses α α − 1, β = β − 1 and moves pm a − − → qn then any possible response by Duplicator will take the game to a position (qn, q n , γ, α) for some γ ≤ β.By induction hypothesis Spoiler wins the game.
Lemma 44.For all ordinals α, β the following properties hold.The first point states that individual approximants are monotonic with respect to the counter values.Points 2-4 imply that both α and β yield non-increasing sequences of approximants that converge towards simulation.As Example 40 on page 30 shows, the approximants α do not converge at finite levels, and not even at level ω, i.e., CA > ω in general.We will later show (in Lemma 46) that the approximants β converge at a finite level, i.e., CB is strictly below ω for any pair of nets, and further we bound CB in Section 5.6 to obtain an exact complexity upper bound.To show ⊆ α α , we prove by induction that ⊆ α holds for all ordinals α.The base case α = 0 is trivial.For the induction step we prove the equivalent property α ⊆ .There are two cases.In the first case, α = γ + 1 is a successor ordinal.If pm γ+1 p m then pm γ+1 γ+1 p m and therefore, by Lemma 43, Spoiler wins the approximant game from (pm, p m , γ + 1, γ + 1).Let pm a − − → qn be an optimal initial move by Spoiler.Now either there is no valid response and thus Spoiler immediately wins in the simulation game; or for every Duplicator response p m a − − → q n that uses an ω-step, we have qn γ γ q n and for every response that does not use an ω-move, we have qn γ+1 γ q n .Either way, we get qn γ q n and by induction hypothesis, qn q n .By Lemma 43, we obtain that Spoiler wins the simulation game from (qn, q n ) and thus from (pm, p m ).Therefore pm p m , as required.
In the second case, α is a limit ordinal.Then pm α p m implies pm γ p m for some γ < α and therefore pm p m by induction hypothesis.
The following lemma shows a certain uniformity property of the simulation game.Beyond some fixed bound, an increased counter value of Spoiler can be neutralized by an increased counter value of Duplicator, thus enabling Duplicator to survive at least as many rounds in the game as before.This lemma is necessary for the proof of Lemma 46, which guarantees the existence of a finite bound for the convergence level CB .and because of two inequalities, also that S(m) ≥ S(n).So the ordinal sequence S(m) m≥0 of suprema must be non-increasing and by the well-ordering of the ordinals there is a smallest index k ∈ N at which this sequence stabilizes: We split the remainder of this proof into three cases depending on whether I(k) and I(l) for some l > k have maximal elements.In each case we show the existence of a bound c that satisfies requirement (5.25).Case 1.For all l ≥ k and m ∈ N it holds that I(l, m ) < S(l), i.e., no I(l) has a maximal element.In this case c := k satisfies the requirement (5.25).To see this, take n > m > c = k and pm α p m .Then, by our assumption, α < S(m) and S(m) = S(n) = S(k).Therefore α < S(n), which means that there must exist an n ∈ N such that pn α p n , as required.
Case 2. For all l ≥ k there is a n l ∈ N such that I(l, n l ) = S(l), i.e., all I(l) have maximal element S(l) = S(k).Again c := k satisfies the requirement (5.25).Given n > m > c = k and pm α p m we let n := n n and obtain I(n, n ) = S(n) = S(k) ≥ α and thus pn α p n , as required.
Case 3. If none of the two cases above holds then there must exist some l > k such that the sequences I(k), . . ., I(l − 1) each have a maximal element and for i > l the sequence I(i) has no maximal element.To see this, consider sequences I(m) and I(n) with n > m ≥ k.If I(n) has a maximal element then so must I(m), by Eq. (5.26) and S(m) = S(n) = S(k).Given this, we repeat the argument for the first case, with c := l and again satisfy the requirement (5.25).
Lemma 46.Consider strong simulation between a OCN N = (Q, Act, δ) and an ω-net N = (Q , Act, δ ).There exists a constant CB ∈ N such that = CB .Proof.We assume the contrary and derive a contradiction.By Lemma 44, part 4, the inclusion ⊆ β always holds for every ordinal β.Thus, if there is no CB ∈ N with = CB , then for every finite β ∈ N there are processes p 0 m 0 and p 0 m 0 such that p 0 m 0 β p 0 m 0 but p 0 m 0 p 0 m 0 .In particular, this holds for the special case of β = |Q × Q |(c + 1), where c is the constant given by Lemma 45, which we consider in the rest of this proof.rounds of a simulation game w.r.t.M, M .On the other hand the construction of N , G , presented in Lemma 36, guaranties that one round of a weak simulation game w.r.t.N , N is simulated by 1 round of a simulation game w.r.t.N , G .Thus, if Spoiler has a strategy to win the simulation game relative to M, M in α rounds then she can derive strategies to win the games relative to N , G and to N , N in no more than α rounds.
Lemma 48.For relations between a OCN and an ω-net, we have ωi ⊆ i for every i ∈ N.
Proof.By induction on i.The base case of i = 0 is trivial, since 0 is the full relation.We prove the inductive step by assuming the contrary and deriving a contradiction.Let pm ωi p m and pm i p m for some i > 0. Then there exists some ordinal α such that pm i α p m .Without restriction let α be the least ordinal satisfying this condition.If α ≤ ωi then we trivially have a contradiction.Now we consider the case α > ωi.By pm i α p m and Lemma 43, Spoiler has a winning strategy in the approximant game from position (pm, p m , α, i).Without restriction we assume that Spoiler plays optimally, i.e., wins as quickly as possible.Thus this game must reach some position (qn, q n , α + 1, i) where α ≥ ωi is a limit ordinal, such that Spoiler can win from (qn, q n , α + 1, i) but not from (qn, q n , α , i).I.e., qn i α +1 q n , but qn i α q n .Consider Spoiler's move qn a − − → rl according to her optimal winning strategy in the game from position (qn, q n , α + 1, i).Since qn i α q n and α is a limit ordinal, for every ordinal γ k < α , Duplicator must have some countermove q n a − − → r k l k such that rl j γ k r k l k , where j = i − 1 if the move was via an ω-step and j = i otherwise.In particular, sup k {γ k } = α .However, since Spoiler's move qn a − − → rl was according to an optimal winning strategy from position (qn, q n , α + 1, i), we have that rl j α r k l k .Therefore, there must be infinitely many different responses q n a − − → r k l k .Infinitely many of these countermoves must be via ω-steps, because apart from these the system is finitely branching.Thus for every ordinal γ < α there is some Duplicator countermove q n a − − → r k l k which is via an ω-step such that rl i−1 γ k r k l k where γ k ≥ γ (note the i − 1 index due to the ω-step).In particular, we can choose γ = ω(i − 1), because i > 0 and α ≥ ωi.Then we have rl i−1 ω(i−1) r k l k , but rl i−1 α r k l k .However, from rl i−1 ω(i−1) r k l k and the induction hypothesis, we obtain rl i−1 r k l k and in particular rl i−1 α r k l k .Contradiction.Theorem 49.Weak simulation approximants on OCN converge at level ω 2 , but not earlier in general.
Proof.First we show that ω 2 is contained in for OCN.Let pm and p m be processes of OCN N and N , respectively, and let M and M be the derived OCN and ω-net from Theorem 33 (page 24).Assume pm ω 2 p m w.r.Before we prove Lemma 50, we introduce two important ingredients for the construction of the nets S k , S k .The first is a class of simple gadgets called test chains that will form part of these nets and allow us to check, by means of a continued simulation game, if the counter value of Spoiler is ≥ i for some hard-wired constant i ∈ N. A test chain for i ∈ N, is a pair T i , T i of OCNs with initial states t i and t i over actions Act = {e, f }.We let t i be the starting point of a counter-decreasing chain of e-steps of length i where the last state of the chain can make an f -step, whereas t i is a simple e-loop (see Fig. 7).Then we observe that for all m, n ∈ N, The second ingredient for our construction is the notion of minimal sufficient values.Consider the approximant k for some parameter k, and let (q, q ) ∈ (Q × Q ) be a pair of states.By monotonicity (Lemma 44, point 1), there is a minimal value suf (q, q , k) ∈ N ∪ {ω} satisfying ∀n ∈ N. q(suf (q, q , k)) k q n . (5.34) Let suf (q, q , k) be ω if no finite value satisfies this condition.The following properties are immediate from the definitions.
We are now ready to present the construction of successive pairs of nets S k , S k , that satisfy the claim of Lemma 50.The idea behind the construction of nets for parameter k + 1 is as follows.Assuming we have already constructed a semilinear representation of k in the form of two OCN S k and S k , we can compute the values suf (q, q , k) for every pair (q, q ).The nets S k+1 and S k+1 are constructed so that a simulation game played on nets S k+1 , S k+1 mimics the approximant game played on M, M with ω-parameter (k + 1) until Duplicator responses via an ω-step, leading to some game position qn vs. q n .Afterwards, the approximant game would continue with the next lower parameter k.In the simulation game on S k+1 and S k+1 , Duplicator cannot make the ω-step but can instead enforce the play to continue in some subgame (a test chain) that he wins iff Spoiler's counter is smaller than the hard-wired value suf (q, q , k).This "forcing" of the play can be implemented for OCN simulation using a standard technique called defender's forcing (see e.g.[11]), that essentially allows Duplicator to reach a universal process (and thus win) in the next round unless his opponent moves in some specific way.
The nets S k+1 and S k+1 thus consist of the original nets M, M where all ω-transitions in Duplicator's net M are replaced by a small constant defenders-forcing script, leading to the corresponding testing gadget.The only difference between two such pairs of nets for different parameters k is the lengths of the test chains.p q t q,q t q,r a, d (q, q ) b (q, r ) p t q,q W a Act ( Q × Q ) ( q , p ) ( q , q ) Act (q, q ) − −− → q .Counter effects are omitted, individual transitions are grouped and punishing moves are colored.For instance, the red arrow from p to W depicts all transitions due to Eq. (5.40) that prevent Spoiler from using any actions of the form (p, p ) ∈ Act unless Duplicator already moved to some state t q,q .Note that Spoiler must prevent Duplicator from reaching the universal state W and that once the players are at states t q,q and t q,q , she has no other option but to play the test chain that starts here.
Proof.Note that by definition of approximants, pm k p m implies pm k α p m for some ordinal α.By the game interpretation (Lemma 43) it is thus sufficient to show that for all ordinals α, if Spoiler has a winning strategy in the approximant game from position (pm, p m , α, k) then she also has a winning strategy in the simulation game between S k , S k from position (pm, p m ).
We proceed by ordinal induction on α.The base case trivially holds since Spoiler loses from a position (pm, p m , 0, k) by definition of the approximant game (Definition 41).
For the induction step let Spoiler play the same move pm a − − → qn for some a ∈ Act in both games according to her assumed winning strategy in the approximant game.Now Duplicator makes his response move in the new game between S k , S k , which yields two cases.In the first case, Duplicator does not use a step induced by a transition from Eq. (5.39).Then his move induces a corresponding move in the approximant game which leads to a new configuration (qn, q n , γ, k) where qn k γ q n for some ordinal γ < α.By the induction hypothesis, Spoiler now has a winning strategy to continue the simulation game from position (qn, q n ).
In the second case, Duplicator's response is via a step induced by a transition from Eq. (5.39), which leads to a new configuration (qn, t r,q n ) for some r ∈ Q.Thus in the approximant game there will exist Duplicator moves to positions (qn, q n , γ, k − 1) where γ < α and n ∈ N can be arbitrarily high.We can safely assume that Duplicator chooses r = q, since otherwise Spoiler can afterwards win in one round by a (q, q ) labeled step from qn.Now in the next round Spoiler can play qn (q,q ) − −−− → t q,q n by Eq. (5.37) and Duplicator's only option is to stay in his current state by Eq. (5.41).The simulation game thus continues from (t q,q n, t q,q n ), which is the beginning of the testing gadget for states q, q .To show that Spoiler wins the rest of the simulation game, we show that indeed, n must be at least be suf (k − 1, q, q ).By our initial assumption, Spoiler wins the approximant game from the position (pm, p m , α, k).Thus there is some ordinal γ < α such that Spoiler also wins the approximant game from position (qn, q n , γ, k − 1) for every n ∈ N. Thus, by Lemma 43 and Definition 39, we have qn k−1 γ q n and by Lemma 44 (item 2) qn k−1 q n for all n ∈ N. By the definition of sufficient values, we obtain n ≥ suf (q, q , k − 1).By the construction of the gadgets and Eq.(5.32) we get t q,q n t q,q n , which concludes our proof.We proceed by induction on α.The claim is trivial for the base case α = 0.For the induction step we consider a move pm a − − → qn for some a ∈ Act by Spoiler in both games according to Spoiler's assumed winning strategy in the simulation game between S k , S k .It cannot be a Spoiler move p (p,q ),0 −−−−−→ t p,q by Eq. (5.37), because this would allow Duplicator to reply by moving to the universal state W by Eq. (5.40).Now we consider all (possibly infinitely many) replies by Duplicator in the approximant game between M, M from a position (pm, p m , γ, k) for some yet to be determined ordinal γ.These replies fall into two classes.
In the first class, Duplicator's move p m a − − → q n is not via an ω-step and thus also a possible move in the simulation game between S k , S k .From our assumption that Spoiler wins the simulation game from position (pm, p m ) in at most α ∈ N steps, it follows that Spoiler wins from (qn, q n ) in at most α − 1 steps.By induction hypothesis, there is an ordinal β such that Spoiler has a winning strategy in the approximant game for k β between M, M from position (qn, q n ).There are only finitely many such replies.Let γ 0 be the maximal such β.
In the second class, Duplicator's move p m a − − → q n uses an ω-step, which does not exist in S k .Instead, Duplicator can move p m a,0 − −− → t r,q m by a step induced by a transition due to Eq. (5.39).From our assumption that Spoiler wins the simulation game from position (pm, p m ) in at most α ∈ N steps, it follows that Spoiler wins from (qn, t r,q m ) in at most α−1 steps.If r = q then this is trivially true by a move due to Eq. (5.37).Otherwise, if r = q, then this can only be achieved by a Spoiler move qn (q,q ),0 − −−−− → t q,q n in the next round, because for any other Spoiler move Duplicator has a winning countermove by Equations (5.42) or (5.43).
In this case Duplicator can only reply with a move t q,q m (q,q ),0 − −−−− → t q,q m due to Eq. (5.41), and we must have that Spoiler can win in at most α − 2 steps from position (t q,q n, t q,q m ), which is the beginning of the testing gadget for states (q, q ).By construction of S k , S k , in particular by definition of the gadgets and Eq.(5.32), this implies that n ≥ suf (q, q , k − 1).By the definition of sufficient values we obtain ∀n ∈ N. qn k−1 q n .Therefore, for every n ∈ N there exists some ordinal β such that qn k−1 β q n .Let γ be the least ordinal greater or equal all those β.Each of the finitely many distinct ω-transitions yields such a γ.Let γ 1 be the maximum of them.as required.
The main result of this section is now a direct consequence of Theorems 29 and 58.Recall that a PSPACE lower bound already holds for strong simulation.
Theorem 59. Checking weak simulation preorder between two OCNs is PSPACE-complete.Moreover, the largest weak simulation relation is semilinear and can be explicitly represented in space exponential in the sizes of the input nets.

Conclusion
In this paper we showed that both strong and weak simulation for one-counter nets are PSPACE-complete.A PSPACE lower bound, as well as decidability of strong simulation were known before [2,9,14].
Our first contribution is a new constructive proof of the Belt Theorem (see Section 4), based on a bounded abstraction of the simulation game.A consequence of this construction is that the simulation relation for fixed nets is a semilinear relation of a very specific form that can be represented explicitly in space exponential in the size of the input nets.Due to the locality of the simulation condition, this representation can be stepwise guessed and verified, which leads to a PSPACE procedure to check whether simulation holds between two given configurations.The complexity of this procedure depends only on the size of the input nets, not on the size of the given configurations.
Our second main contribution is an iterative reduction from weak to strong simulation over one-counter nets.The main difficulty is to deal with unbounded branching (i.e., unrestricted counter increases) of Duplicator during a weak simulation game.Our argument uses a suitable sequence of over-approximations, based on the number of times Duplicator uses unbounded increases during a play.Using the results for the strong case, we show that this sequence necessarily converges at a polynomially bounded level, and that each approximant relation can in fact be represented as the maximal strong simulation over a pair of polynomially enlarged one-counter nets.This allows to conclude that our results for the strong case, namely the effectiveness of an EXPSPACE-representation as well as a PSPACE-decision procedure, carry over to the more general weak simulation as well.
Interesting open problems concern "asymmetric" generalizations, where one of the input systems allows zero-tests, i.e., is a one-counter automaton.In [1] we showed that strong simulation between OCA and OCN is semilinear and thus decidable.However, the proof of semilinearity is not effective, so computability of the relation as well as the complexity of its membership problem remains open.Apart from the obvious PSPACE lower bounds, not much is known about simulation between OCN and OCA, as well as for the weak simulation problems in either way.It is worth mentioning that further generalizations (PDA vs. OCN, OCA vs. OCA, as well as OCN vs. 2-dimensional VASS) are already undecidable [1].
Another direction for further research is to establish the exact complexity of strong/weak simulation for OCN with binary encoded increments and decrements on the counter.Trivially, the PSPACE-lower bound applies for this model and an EXPSPACE upper bound follows from the results of this paper with the observation that these more expressive nets can be unfolded into ordinary OCN with an exponential blow-up.

aDefinition 1 .
− − →⊆ S 2 between configurations.For (s, s ) ∈ a − − → we also write (s, a, s ) or s a − − → s , and call it an a-labeled step from s to s .Given two labeled transition systems S and S , a relation R between the configurations of S and S is a strong simulation if for every pair of configurations (c, c ) ∈ R and every step c a − − → d there exists a step c a − − → d such that (d, d ) ∈ R.

Definition 4 .
Given two labeled transition systems S and S , a relation R between the configurations of S and S is a weak simulation if for every pair of configurations (c, c ) ∈ R and every step c a − − → d there exists a weak step c a = = ⇒ d such that (d, d ) ∈ R.

Figure 3 :
Figure 3: Evaluating the winning condition in position (π, (ρ, ρ )) after a phase of the slope game.

Figure 4 :
Figure 4: A strategy for Duplicator in the slope game is turned into a strategy in the simulation game by inserting forward jumps (red) and rollbacks (green).The green, yellow and red segments have height 1, the gray and blue segments have height 1 and 2 respectively.Nodes with the same labeling indicate positions with the same pair of control states.

Figure 5 :
Figure5: The initial rectangle L 0 (blue) and two belts.Outside L 0 , the coloring of a belt consists of some exponentially bounded block (red), and another exponentially bounded non-trivial block (green) which repeats ad infinitum along the rest of the belt.

Remark 4 .
Observe that no transition of the net G as constructed above has a guard larger than 3|Q| + 1, nor any finite effect is larger than 2|Q| + 1. Lemma 36.For a one-counter net N one can effectively construct a guarded ω-net G over the same set of control states, such that for any OCN N and any two configurations pm, p m of N and N resp., pm p m w.r.t.N , N ⇐⇒ pm p m w.r.t.N , G .(5.4) Proof.Consider the construction from the proof of Lemma 35.Let N ,N be the largest weak simulation w.r.t.N , N and N ,G be the largest strong simulation w.r.t.N , G .For the "if" direction we show that N ,G is a weak simulation w.r.t.N , N .Assume pm N ,G p m and pm a − − → N qn.That means there is a step p m a the full relation.For successor ordinals α + 1, β + 1 let pm β+1 α+1 p m iff for all pm a − − → qn there is a step p m a − − → q n such that either(1) (p , a, ω, q ) ∈ δ , m < n and qn β α q n , or (2) (p , a, d, q ) ∈ δ , n = m + d ∈ N and qn β+1 α q n .For limit ordinals λ we define λ α

Proof. ( 1 )
By Lemma 43, it suffices to observe that Duplicator can reuse a winning strategy in the approximant game from (pm, p m , α, β) to win the game from (pn, p n , α, β) for naturals n ≤ m and n ≥ m .(2)If pm β α p m then, by Lemma 43, Duplicator wins the approximant game from position (pm, p m , β, α).By Lemma 42 he can also win the approximant game from (pm, p m , β, α).Thus pm β α p m by Lemma 43.(3) By point 2) we see that with increasing ordinal index α the approximant relations α form a decreasing sequence of relations, thus they stabilize for some ordinal CA.The existence of a convergence ordinal for CB follows analogously.(4) First we observe that α α = remains to show that = α α .In order to show ⊇ α α , we use CA from point 3) and rewrite the right side of the inclusion to α α = CA = CA+1 .From Definition 39 we get that α = γ α for γ ≥ α and therefore CA+1 CA+1 = CA+1 = CA = CA CA .We see that for every Spoiler's move to a configuration pn from a configuration in CA CA there is Duplicator's response to a configuration p n such that pn CA CA p n .This means CA CA = α α is a simulation relation and hence a subset of .

Lemma 45 .
For any one-counter net N = (Q, Act, δ) and ω-net N = (Q , Act, δ ) there is a fixed bound c ∈ N such that for all states (p, p ) ∈ Q × Q , naturals n > m > c and ordinals α: ∀m .(pm α p m =⇒ ∃n .pn α p n ) (5.25) Proof.It suffices to show the existence of a local bound c that satisfies (5.25) for any given pair of states, since we can simply take the global c to be the maximal such bound over all finitely many pairs.Let CA be the convergence ordinal provided by Lemma 44, point 3 and consider a fixed pair (p, p ) ∈ (Q × Q ) of states.For m, m ∈ N, we define the following (sequences of) ordinals.I(m, m ) = the largest ordinal α with pm α p m or CA if no such α exists, I(m) = the increasing sequence of ordinals I(m, m ) m ≥0 , S(m) = sup{I(m)}.Observe that I(m, m ) can be presented as an infinite matrix where I(m) is a column and S(m) is the limit of the sequence of elements of column I(m) looking upwards.Informally, S(m) = lim i→∞ I(m, i).44 (point 1), we derive that for any m ≤ n ∈ N and m ≤ n ∈ N I(m, n ) ≥ I(m, m ) ≥ I(n, m ) (5.26)

Figure 8 :
Figure 8: The forcing mechanism that replaces a Duplicator transition p a,ω

Lemma 55 .
For all control states (p, p ) ∈ Q × Q and naturals k, m, n ∈ N: pm p m w.r.t.S k , S k =⇒ pm k p m w.r.t.M, M (5.46) Proof.Assume pm p m w.r.t.S k and S k .Since both S k , S k are just one-counter nets, nonsimulation manifests itself at some finite approximant α ∈ N, i.e., pm α p m .By definition of k it suffices to show that some ordinal γ exists such that pm k γ p m w.r.t.M, M .By the game characterization of approximants (Lemma 43) this amounts to showing a winning strategy for Spoiler in the approximant game from position (pm, p m , γ, k).
t. N , N .By Lemma 47 we conclude that pm ω 2 p m w.r.t.M, M .In particular we have pm ω•CB p m w.r.t.M, M , for the level CB ∈ N from Lemma 46.From Lemma 48 we obtain pm CB p m w.r.t.M, M .Lemma 46 then yields pm p m w.r.t.M, M .Finally, by Theorem 33, we obtain that pm p m w.r.t.N , N .To see that ω 2 is needed in general, consider the following class of examples, that are the result of extending the net from Example 31 on page 23.Let N be the simple OCN that consists only of the self-loop A 6:The nets N and N 3 as constructed in Theorem 49.We see that An ω•k B k but also An ω•k+1 B k .5.5.Characterizing Weak Simulation Preorder.In order to show the decidability of simulation between one-counter nets and ω-nets we prove a stronger claim, namely that the largest simulation relation is a semilinear set and one can effectively compute its description.To prove this claim for a fixed pair of nets, we consider approximants k and show (by repeated reduction to strong simulation over OCN and using Theorem 29) that in fact k is effectively semilinear for every level k ∈ N. To be precise, we show the following lemma.Proof.By Theorem 33, it suffices to show the claim for the largest strong simulation between a OCN M and an ω-net M .By Lemma 50, one can iteratively compute the sequence (S k , S k ) k∈N of nets characterizing k for growing k.Because S k and S k are onecounter nets, we can apply Theorem 29 and derive that strong simulation w.r.t.S k , S k , and hence the approximant k w.r.t.M, M are effectively semilinear sets.Recall that for k ∈ N, k+1 ⊆ k .Because equality of semilinear sets is decidable, we can check after each iteration if k+1 ⊇ k holds, in which case we stop with the description of k = .Termination of this procedure is guaranteed by Lemma 46.
Lemma 50.For any one-counter net M and ω-net M with sets of control states Q and Q respectively, there is an effectively computable sequence (S k , S k ) k∈N of pairs of OCN with sets of control states S k ⊇ Q and S k ⊇ Q respectively, such that for all k, m, m ∈ N and states p ∈ Q, p ∈ Q , pm k p m w.r.t.M, M ⇐⇒ pm p m w.r.t.S k , S k .(5.31)A direct consequence of this is the effective semilinearity, and thus decidability, of weak simulation over any fixed pair of one-counter nets.Theorem 51.Let N , N be two one-counter nets.The largest weak simulation relation with respect to N , N is a semilinear set and its representation is effectively computable.
The test chain for ω is the pair T ω , T ω of nets, consisting of simple e-loops t ω