Safety and liveness in branching time

Extends B. Alpern & F.B. Schneider's linear time characterization of safety and liveness properties to branching time, where properties are sets of trees. We define two closure operators that give rise to the following four extremal types of properties: universally safe, existentially safe, universally live and existentially live. The distinction between universal and existential properties captures the difference between the CTL (computation tree logic) path quantifiers /spl forall/ (for all paths) and /spl exist/ (there is a path). We show that every branching time property is the intersection of an existentially safe property and an existentially live property, a universally safe property and a universally live property, and an existentially safe property and a universally live property. We also examine how our closure operators behave on linear-time properties. We then focus on sets of finitely branching trees and show that our closure operators agree on linear-time safety properties. Furthermore, if a set of trees is given implicitly as a Rabin tree automaton /spl Bscr/, we show that it is possible to compute the Rabin automata corresponding to the closures of the language of /spl Bscr/. This allows us to effectively compute /spl Bscr//sub safe/ and /spl Bscr//sub live/ such that the language of /spl Bscr/ is the intersection of the languages of /spl Bscr//sub safe/ and /spl Bscr//sub live/. As above, /spl Bscr//sub safe/ and /spl Bscr//sub live/ can be chosen so that their languages are existentially safe and existentially live, universally safe and universally live, or existentially safe and universally live.