2274
6, JUNE 2016
Driven Stability of Nonlinear Feedback
Shift Registers With Inputs
Jianghua Zhong and Dongdai Lin
Abstract Driven stable nonlinear feedback shift
registers (NFSRs) with inputs are not only able to limit
error propagations in convolutional decoders, but also helpful
to analyze the period properties of sequences generated by a
cascade connection of NFSRs in stream ciphers. An NFSR is
driven stable if and only if the reachable set is a subset of
the basin. Due to lack of efficient algebraic tools, the driven
stability of NFSRs with inputs has been much less studied.
This paper continues to address this research using a Boolean
control network approach. Viewing an NFSR with input as
a Boolean control network, we first give its Boolean control
network representation, which is characterized with a state
transition matrix. Some properties of the state transition matrix
are then provided. Based on these, explicit forms are given
for the reachable set and the set of basin. Two algorithms for
obtaining both the sets are provided as well. Compared with the
exhaustive search and the existing state operator method, the
Boolean control network approach requires lower computational
complexity for those NFSRs with their stages greater than 1.
Index Terms Shift register, stability, convolutional decoder,
computational complexity, state transition matrix.
I. I NTRODUCTION
C ONVOLUTIONAL codes have been used in
many communication applications, such as mobile
communications and satellite communications. They mainly
have several decoding algorithms, including the sequential,
threshold, Viterbi, and BCJR. The sequential algorithm is
a probabilistic decoding method proposed by Wozencraft
in 1961 [1]. In 1963, Massy proposed an algebraic decoding
method, called the threshold algorithm [2]. The Viterbi
algorithm is an optimum decoding method proposed by
Viterbi in 1967 [3], performing maximum likelihood
decoding [5][7]. However, this does not imply that the Viterbi
algorithm is the best for all applications, since there are severe
constraints imposed by hardware complexity [8]. The BCJR
algorithm is an algorithm for maximum a posteriori decoding,
proposed by Bahl, Cocke, Jelinek, and Raviv in 1974 [4].
For the Viterbi and BCJR algorithms, their decoder
complexity grows exponentially with constraint length,
Manuscript received November 5, 2015; revised March 31, 2016; accepted
April 13, 2016. Date of publication April 21, 2016; date of current
version June 14, 2016. This work was supported in part by the Strategic
Priority Research Program of CAS under Grant No. XDA06010701, by the
National 973 Program of China under Grant No. 2011CB302400, and by the
National Natural Science Foundation of China under Grant Nos. 61379139
and 61104075. The associate editor coordinating the review of this paper and
approving it for publication was L. Dolecek.
The authors are with the State Key Laboratory of Information Security,
Institute of Information Engineering, Chinese Academy of Sciences,
Beijing 100093, China (e-mail: zhongjianghua@iie.ac.cn; ddlin@iie.ac.cn).
Digital Object Identifier 10.1109/TCOMM.2016.2557330
0090-6778 2016 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission.
See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
IEEE TRANSACTIONS ON COMMUNICATIONS, VOL. 64, NO.
which limits their application to those codes with short
constraint lengths [8]. Although technological advancements
in microelectronics have made possible the introductions
(or modified versions) of both algorithms in cellular
telephones, relatively high cost is required in general.
Compared to the other three algorithms, the threshold
algorithm is less efficient, but is easier to implement, which
leads to its applications in telephony and high frequency
radio, where a moderate amount of coding gain is desired at
a relatively low cost [5], [8].
During the process of decoding, a decoding error tends
to induce indefinitely long decoding errors. At the expense
of encoding queues, some schemes such as periodic
re-synchronization were suggested to control this error
propagation. In 1964, Massey and Liu proposed an alternative
way to limit such an error propagation, that is, using a
driven stable nonlinear feedback shift register (NFSR) as
the main building block in a convolutional decoder [9].
In their NFSR-based decoder, the feedback function represents
a decoding algorithm (e.g., threshold algorithm). They also
gave an example therein to highlight the application of the
NFSR-based decoder.
Unlike the well-developed theory of linear feedback shift
registers (LFSRs), the theory of NFSRs has not yet been
well-understood, due to its complexity and lack of efficient
tools. Nevertheless, besides the application in convolutional
coders/decoders, LFSRs and NFSRs have been widely used in
stream ciphers. In particular, NFSRs are more used in recently
developed stream ciphers, such as Grain [10], Trivium [11]
and Mickey [12], thanks to their increased resistance to
cryptanalysis attacks. Since the introductions of Grain and
Trivium in 2005, the stream ciphers in Grain (or Trivium)
family have been attracting much attention. However, their
cryptographic properties including period properties have not
been well-understood. Note that both Grain and Trivium
use cascade connections of NFSRs as their main building
blocks. In a cascade connection of NFSRs, those controlling
NFSRs are cascaded with their controlled NFSRs through
their outputs, which implies that their outputs are the inputs
of their controlled NFSRs. The periods of NFSR sequences
must be considered in order to analyze the cryptographical
security of NFSR-based stream ciphers. Driven stable NFSRs
with inputs are helpful to analyze the period properties of the
sequences generated by a cascade connection of NFSRs in
stream ciphers.
Those NFSRs with inputs holding constantly at zero
are called autonomous NFSRs, while the others are
ZHONG AND LIN: DRIVEN STABILITY OF NFSRs WITH INPUTS
called non-autonomous NFSRs. Usually, we also regard an
autonomous NFSR as an NFSR without input. Numerous
efforts have been made on autonomous NFSRs over the
past decades [13][17]. However, most of them focused on
their periods or feedback functions. There are several studies
addressed their stability. A sufficient condition was given
to determine the global stability [9]. The relations between
stable NFSRs were revealed by Mowle [19]. He also provided
an algorithm for generating stable NFSRs [20]. k-stable
autonomous NFSRs were studied in [21].
In contrast, much fewer efforts were made on
non-autonomous NFSRs. Massey and Liu introduced
the notion of driven stability of non-autonomous NFSRs
in [9], but they did not give any further study therein. Mowle
proposed a programmable procedure to determine the driven
stability of non-autonomous NFSRs, via a next-state operator
and a past-state operator [22]. However, the state operator
method still leads to relatively high time complexity of
computations. To the best knowledge of the authors, since
then the driven stability of non-autonomous NFSRs has not
been further studied, due to lack of efficient tools.
An NFSR was viewed as a finite-state automaton in [23] and
as a finite-state machine in [13]. In particular, an autonomous
NFSR was viewed as a Boolean network in [24][27].
A Boolean network is an autonomous system that evolves as
a finite state automaton through Boolean functions. Boolean
network was first introduced by Kauffman in 1969 to
model a genetic network whose describing variables take
only two values, on and off (or equivalently, 1 and 0,
respectively) [28]. Of course, the behavior of a Boolean
network depends on its internal structure. However, if the
network behavior also depends on an external force, called
(control) input, then the concept of a Boolean network is
naturally extended to that of a Boolean control network.
Over the last decades Boolean (control) networks have
attracted much attention in many communities, ranging
from biology [29][31] and physics [32][34] to system
science [35][40].
In the community of system science, Cheng and his
co-workers developed an algebraic framework for Boolean
(control) networks, using a semi-tensor product approach [41].
In their work, a Boolean (control) network can be equivalently
converted into an algebraic form. Thanks to their algebraic
set-up, the problems related to Boolean functions can be
converted into algebraic problems, which is very helpful to
analyze NFSRs.
Similar to an autonomous NFSR, it is natural to view
a non-autonomous NFSR as a Boolean control network.
Motivated by this, this paper addresses the problem of driven
stability of NFSRs with inputs using a Boolean control
network approach. An NFSR is driven stable if and only
if the reachable set is a subset of the basin. Viewing an
NFSR with input as a Boolean control network, we first
give its Boolean control network representation, which is
characterized with a state transition matrix. Some properties
of the matrix are then provided. Based on these, explicit
expressions are given for the reachable set and the set of basin.
Two algorithms for obtaining both sets are provided as well.
2275
In this paper, we restrict ourselves to the NFSRs with single
inputs. The extension to the NFSRs with multiple inputs is
straightforward.
The contribution of this paper is: a novel approach,
called Boolean control network approach, which is proposed
to facilitate the study of driven stability of NFSRs with
inputs, and leads to lower computational complexity than
the exhaustive search and the existing state operator
method.
The remainder of this paper is organized as follows.
Section II briefly reviews some related work on Boolean
control networks. Section III gives the Boolean control
network representations of NFSRs. Section IV is our main
results on driven stability of NFSRs. The paper is concluded
in Section V.
II. B OOLEAN C ONTROL N ETWORK
In this section, we first briefly review the semi-tensor
product of matrices. We then recall the multi-linear form of
a Boolean function, using the semi-tensor product. Finally,
we revisit some related results on Boolean control networks.
Before all these introductions, we first give some notations
used in this paper.
F2 : the binary Galois field.
Fn2 : the set of all n-dimensional vectors over F2 .
N: the set of nonnegative integers.
In : the identity matrix of dimension n.
ni : the i -th column of the identity matrix In .
n = {ni |i = 1, 2, , n}.
m n : the set of all m-dimensional vectors over n .
Lnm : the set of n m matrices, whose columns belong
to n . If L Lnm , then L = [ni1 ni2 nim ]. For
the sake of simplicity, we write L in a compact form,
as L = n [i 1 i 2 i m ].
Col j (A): the j -th column of a matrix A.
Col(A): the set of all columns of the matrix A.
+, and : the ordinary addition, subtraction and
multiplication in the real field, respectively.
and : the addition and multiplication modulo 2
over F2 , respectively.
A. Semi-Tensor Product
Semi-tensor product of matrices was introduced by
Cheng [41]. It is a generalization of the conventional matrix
product, while it retains all major properties of the latter, such
as the associative law and the distributive law. The semi-tensor
product is defined as follows.
Definition 1 [41]: Let A and B be matrices of dimensions
n m and p q, respectively, and let be the least common
multiple of m and p. The (left) semi-tensor product of A and B
q
m p matrix, given by
is defined as an n
A  B = (A I m )(B I p ), (1)
where denotes the Kronecker Product [42].
Clearly, in Definition 1 if m = p, then the semi-tensor
product of A and B is reduced to their conventional
matrix product. As in the convention matrix product,
2276 IEEE TRANSACTIONS ON COMMUNICATIONS, VOL. 64, NO. 6, JUNE 2016

in the semi-tenor product the power of a matrix A is Lemma 4 [41]: Boolean control network (5) has an
defined as Ak+1 = A  Ak for any positive integer k. equivalent algebraic representation
A toolbox written in Matlab is available at the website
http://lsc.amss.ac.cn/dcheng/stp/STP.zip for some related x(t + 1) = L u x(t)u(t), t N, (6)
computations of the semi-tensor product. For the sake of where x 2n is the state, u 2m is the input, and
simplicity, in the sequel the symbol  is omitted between
L u L2n 2n+m is the state transition matrix, satisfying
matrices if there is no confusion.
Col j (L u ) = Col j (G u1 ) Col j (G un ) (7)
B. Multi-Linear Form of Boolean Function
for all j = 1, 2, . . . , 2n+m , with G ui being the structure matrix
A Boolean function f with n variables is a mapping from of the i -th component of the vectorial function gu in (5) for
Fn2 to F2 , that is, f : Fn2 F2 . It is a linear (resp. nonlinear) any i {1, 2, . . . , n}.
Boolean function if f is a linear (resp. nonlinear) mapping Similarly, for the Boolean network
with respect to its variables in F2 . Let i be the decimal
number corresponding to the binary (i 1 , i 2 , . . . , i n ) via the X(t + 1) = g(X(t)), t N, (8)
mapping i = i 1 2n1 + i 2 2n2 + + i n . Then i ranges
from 0 to 2n 1. For the sake of simplicity, we denote with the state X = [X 1 X 2 X n ]T Fn2 , and the vectorial
f (i ) = f (i 1 , i 2 , . . . , i n ). Then [ f (0), f (1), . . . , f (2n 1)] function g : Fn2 Fn2 , it also has an equivalent algebraic
is called the truth table of f , arranged in the alphabet order, representation:
and [ f (2n 1), f (2n 2), . . . , f (0)] is called the truth table
x(t + 1) = Lx(t), t N, (9)
of f , arranged in the reverse alphabet order.
Identify 1 and 0, respectively, as [1 , 0]T and [0 1]T . where x 2n is the state, and L L2n 2n is the state
Accordingly, identify a variable X F2 as [X X 1]T . We say transition matrix, satisfying
[1 0]T , [0 1]T and [X X 1]T are, respectively, the vector
forms of their scalar forms, 1, 0 and X. To distinguish the Col j (L) = Col j (G 1 ) Col j (G n ) (10)
scalar form and the vector form of a variable, in the sequel
for all j = 1, 2, . . . , 2n , with G i being the structure matrix of
we use the notation X for a variable in F2 , while we use the
the i -th component of g in (8) for any i {1, 2, . . . , n}.
notation x for its vector variable in 2 , that is, X F2 , but
x 2 . Using the above vector forms, a Boolean function f
is changed to f : n2 2 . D. Reachable Set of Boolean Control Network
Lemma 2 [40], [43]: Any Boolean function f (x 1 ,
Definition 5 [40]: Consider Boolean control network (6).
x 2 , . . . , x n ) with x 1 , x 2 , . . . , x n 2 can be expressed as a
Given an initial state x0 and a destination state xd , xd is said
multi-linear form:
to be reachable from x0 if there exists an input sequence u(t0 ),
f (x 1 , x 2 , . . . , x n ) = F x 1 x 2 x n , (2) u(t0 + 1), . . . , u(td ), such that x(t0 ) = x0 and x(td ) = xd .
Lemma 6 [40]: Let L u L2n 2n+1 . Then
where F is called the structure matrix of f , and is uniquely   
expressed as
u 2 n = L u
L k+1 L ku 2i n I2
i
(11)
 
s1 s2 ... s2n
F= (3) for any positive integer k and any i {1, 2, . . . , 2n }.
1 s1 1 s2 . . . 1 s2n
Let R(x0 ) represent the set of all states that are reachable
with [s1 , s2 , . . . , s2n ] being the truth table of f , arranged in from x0 via some input sequences. Then R(x0 ) is usually
the reverse alphabet order. called the reachable set of x0 .
Lemma 3 [40]: Suppose Lemma 7 [40]: Consider the Boolean control network (6).
x = x1 x2 xn (4) Assume p is the minimum positive integer p satisfying

with x i 2 , i = 1, 2 . . . , n. Then x 2n . Moreover, the   p   

p+1
j
vector x = 2n 2n with j {1, 2, . . . , 2n } and the vector Col L u x0  Col L ku x0 .
X = [X 1 X 2 X n ]T Fn2 satisfying 2n1 X 1 + 2n2 X 2 + k=1

+ X n = 2n j are a one-to-one correspondence. Then the reachable set

p 
  
C. Algebraic Representation of Boolean Control Network R(x0 ) = Col L ku x0 .
A Boolean control network with n nodes and m inputs can k=1
be described as: Note that for a given initial state x0 of Boolean control
network (6), the state at time instant k of the Boolean control
X(t + 1) = gu (X(t), U(t)), t N, (5)
network is x(k) = L ku x0 u(0)u(1) . . . u(k 1) for any positive
where X = [X 1 X 2 X n ]T Fn2
is the state, U is Fm
2 integer k. The p above is actually the minimum length of
the input, and the vectorial function gu : Fn+m
2 F n is called
2 input sequences such that the trajectory goes through all the
the state transition function (or the next-state operator). states that are reachable from the initial state x0 .
ZHONG AND LIN: DRIVEN STABILITY OF NFSRs WITH INPUTS
Fig. 1. An n-stage NFSR with a single input.
III. B OOLEAN C ONTROL N ETWORK R EPRESENTATION
OF NFSR W ITH I NPUT
Fig. 1 gives an n-stage NFSR with a single input U [22].
Here b1 , b2 , . . . , bn F2 in the upper row are input
connections. The vector b = [b1 b2 bn ]T is called input
connection vector. Each small square in the middle row
is a binary storage device. a1 , a2 , . . . , an F2 below the
row of small squares are feedback connections. The vector
a = [a1 a2 an ]T is called feedback connection vector.
The contents of the n storage devices are denoted by the
variables X 1 , X 2 , . . . , X n , which form a state of the NFSR,
[X 1 X 2 X n ]T . The contents of the left-most storage
device are used as the outputs of the NFSRs. The n contents,
X 1 , X 2 , . . . , X n , together with the input U , are combined by
a Boolean function f : Fn+1 2 F2 , called feedback function.
At each periodic interval determined by a master clock, the
NFSRs state [X 1 X n1 X n ]T is shifted to the state
[X 2 a1 f b1U X n an1 f bn1 U an f bn U ]T. the state transition function, expressed as:
If the feedback function f is nonlinear, then the feedback shift
register is an NFSR. In particular, if the feedback function f is
linear, then the feedback shift register is reduced to an LFSR.
In a convolutional decoder that uses the NFSR in Fig. 1
to limit error propagations, the input U is a syndrome,
and the feedback function f (X 1 , . . . , X n , U ) is a decoding
algorithm (e.g., threshold algorithm), which always satisfies
f (0, . . . , 0, 0) = 0 due to parity check requirements.
Throughout this paper, we assume that the feedback function f
satisfies f (0, . . . , 0, 0) = 0. Here it is notable to point out
that the syndrome input U may not hold constantly at zero.
In other worlds, the NFSR is a non-autonomous one in a
convolutional decoder. The reason is that the information is
subject to disturbances (e.g., noises) during the transmission
in a channel and therefore, the information at the output of
the channel may have some errors, which implies that the
syndrome input may not hold constantly at zero. On the
other hand, it is worth pointing out that using an NFSR in
a convolutional decoder results in higher performance than
using an LFSR. However, it requires higher computational
complexity. Therefore, in general there is a trade-off between
the performance and the computational complexity.
Besides the application in convolutional decoders to limit
error propagations, driven stable NFSRs with inputs are
helpful to analyze the period properties of sequences generated
by a cascade connection of NFSRs in stream ciphers. Take a
simple example, a cascade connection of NFSR1 into NFSR2,
in which NFSR1 is autonomous and controls NFSR2 through
2277
its output. Hence, NFSR2 is an NFSR with a single input, and
its input is just the output of NFSR1. The input sequences
of NFSR2 are the sequences generated by NFSR1, whose
periods are always greater than 1 in stream ciphers. Moreover,
the sequences generated by this cascade connection of both
NFSRs are the sequences generated by NFSR2 with input
sequences. Assume NFSR2 is driven stable. Then its reachable
set is a subset of the basin, which means that the states
containing in the basin can only be reached even if NFSR2 is
driven by random input sequences. Therefore, if the sequences
generated by the cascade connection of both NFSRs achieve
the maximum period 2n p, then both basin and reachable set
of the driven stable NFSR2 consist of its all possible states,
where n is the stage number of NFSR2 and p > 1 is the
period of its input sequence. This provides a way to determine
whether the sequences generated by a cascade connection of
two NFSRs can achieve the maximum period. Of course, from
the viewpoint of cryptographical security, the maximum period
is preferable.
A. Boolean Control Network Representation
View the NFSR described in Fig. 1 as a Boolean control
network. Then it can be expressed as a nonlinear system
X(t + 1) = gu (X(t), U (t)), t N, (12)
where X = [X 1 X 2 X n ]T Fn2 is the state, U F2 is the
input, and the vectorial function gu = [gu1 gu2 gun ]T is
gu1(X, U ) = X 2 a1 f (X, U ) b1U,
..
. (13)
gu(n1)(X, U ) = X n an1 f (X, U ) bn1 U,
gun (X, U ) = an f (X, U ) bn U.
Theorem 8: Let the truth table of gui in (13) be
(i) (i) (i)
[s1 , s2 , . . . , s2n+1 ],arranged in the reverse alphabet order
for all i = 1, 2, . . . , n. Then the n-stage NFSR with a single
input represented by nonlinear system (12) has an algebraic
representation
x(t + 1) = L u x(t)u(t), t N, (14)
where x 2n is the state, u 2 is the input,
L u L2n 2n+1 is the state transition matrix, in which the
p
j -th column Col j (L u ) = 2nj satisfies
p j = 2n 2n1 s (1)
j 2
n2 (2)
s j 2s (n1)
j s (n)
j , (15)
for each j {1, 2, . . . , 2n+1 }. In particular, p2n+1 = 2n .
Proof: According to Lemmas 3 and 4, we deduce that
the j -th column of L u satisfies Equation (15) for each j
{1, 2, . . . , 2n }. In particular, as f (0, . . . , 0, 0) = 0, we have
gun (0, . . . , 0, 0) = 0. On the other hand, it is easy to see that
gui (0, . . . , 0) = 0 for any i {1, 2, . . . , n1}. Thus, s2(i)
n+1 = 0
for all i = 1, 2, . . . , n. Therefore, we have p2n+1 = 2n . 
In particular, if the input U (t) 0 for any t N, then
the non-autonomous NSFR is reduced to an autonomous one,
2278 IEEE TRANSACTIONS ON COMMUNICATIONS, VOL. 64, NO. 6, JUNE 2016

q
which can be viewed as a Boolean network. In this case, for the state transition matrix L be Col j (L) = 2nj . Then similar
the sake of simplicity, we denote to Theorem 8, we have
h(X 1 , X 2 , . . . , X n ) = f (X 1 , X 2 , . . . , X n , 0), (1) (2) (n1) (n)
(16) q j = 2n 2n1 j 2n2 j 2 j j
and we say h the feedback function of its corresponding (22)
autonomous NFSR. Since f has been assumed to satisfy
for each j {1, 2, . . . , 2n }.
f (0, 0 . . . , 0, 0) = 0, we have h(0, 0, . . . , 0) = 0 for the
For any k {1, 2, . . . , 2n+1 }, denote by
autonomous NFSR throughout the paper. [k] [k] [k]
[X 1 X n U ] the state [X 1 X n U ]T Fn+1
T
2
The autonomous NFSR is called a Galois NFSR, where
corresponding to the decimal number 2n+1 k. Then, we
the feedback is applied to each storage device. If the
have 
feedback is only applied to the right-most storage device,
1, if k is odd,
that is, the feedback connection vector a = [0 0 1], U = [k]
(23)
then the autonomous NFSR is called a Fibonacci NFSR. 0, if k is even.
Reference [15] showed that Galois NFSRs are equivalent
Similarly, for any j {1, 2, . . . , 2n }, denote by
to Fibonacci NFSRs. Moreover, Fibonacci NFSRs are more [ j] [ j] [ j]
commonly used to generate pseudo-random sequences for [X 1 X n1 X n ]T
the state [X 1 X n1 X n ]T Fn2
cryptographical securities. Throughout the paper, we assume corresponding to the decimal number 2n j . Note that the
that the feedback connection vector is a = [0 0 1], and the state transition matrices gu in (12) and g in (17) satisfy g(X) =
[ j] [ j]
autonomous NFSRs always mean the Fibonacci NFSRs with gu (X, 0). Then, [X 1 X n1 0] = [X 1[k] X n1
[k]
U [k] ]
their feedback functions h satisfying h(0, 0, . . . , 0) = 0.
with k = 2 j . Thus, we deduce that the components sk(i) ,
The n-stage autonomous NFSR can be expressed as a
k = 1, 2, . . . , 2n+1 , i = 1, 2, . . . , n, of the truth table of gui
nonlinear system (i)
and the components j , j = 1, 2, . . . , 2n , i = 1, 2, . . . , n, of
X(t + 1) = g(X(t)), (17) the truth table of gi satisfy sk(i) = j(i) when k = 2 j . Hence,
according to Equations (15) and (22), we have q j = p2 j .
where g(X) = gu (X,  0). For any positive integer N, let Therefore, the results follows. 
g N+1 (X) = g g N (X) , which indicates that the state g N (X)
Recall that a Boolean function (X 1 , . . . , X n , U ) is
is shifted N times from X. For the sake of simplicity, in
degenerated with respect to the variable U if is independent
the sequel we say the NFSR represented by (17) is the
of U , that is, (X 1 , . . . , X n , 1) = (X 1 , . . . , X n , 0).
corresponding autonomous NFSR of the non-autonomous one
A vectorial function u = [u1 u2 un ]T is degenerated
represented by (12).
with respect to the variable U if each component ui ,
For the autonomous NFSR, Reference [26] reveals the
i {1, 2, . . . , n}, is degenerated with respect to the variable U .
simple relation between the state transition matrix and the
If the state transition function gu in (12) is degenerated with
true table of the feedback function h. Assume the truth table
respect to the variable U , then the non-autonomous NFSR is
of h in (16) to be [1 , 2 , . . . , 2n ], arranged in the reverse
reduced to an autonomous NFSR.
alphabet order. Then the autonomous NFSR has an algebraic
Proposition 10: The state transition function gu
representation [26]:
in (12) is not degenerated with respect to the variable U if
x(t + 1) = Lx(t), t N, (18) and only if the state transition matrix L u in (14) satisfies

where x 2n is the state, and L L2n 2n is the state Col2 j 1 (L u )

= Col2 j (L u ), j = 1, 2, . . . , 2n . (24)
transition matrix, satisfying
Proof: According to the proof of Proposition 9, for
L = 2n [q1 . . . q2n1 q2n1 +1 q2n ], (19) any k {1, 2, . . . , 2n+1 }, the state [X 1[k] X n[k] U [k] ]T
corresponding to the decimal number 2n+1 k satisfies
with  Equation (23). On the other hand, the function gu is not
qi = 2i i degenerated with respect to the variable U if and only if there
(20)
q2n1 +i = 2i 2n1 +i exists a component gui0 of gu , depending on the variable U ,
which is equivalent to that the truth table [s1(i0 ) , s2(i0 ) , . . . , s2(in+1
0)
]
for all i = 1, 2, . . . , 2n1 . of gui0 satisfies

B. Properties of State Transition Matrix s2(ij01

)
= s2(ij0 ) 1
= s2(ij0 ) , j = 1, 2, . . . , 2n . (25)
Proposition 9: The two state transition matrices L u in (14) In addition, Lemma 3 shows that the states in Fn2 and the
and L in (18) satisfy states in 2n are a one-to-one correspondence. Therefore, from
Equation (15), we deduce that Equation (25) is equivalent
Col j (L) = Col2 j (L u ), j = 1, 2, . . . , 2n . (21)
to p2 j 1
= p2 j , that is, Col2 j 1 (L u )
= Col2 j (L u ) for all
Proof: Denote the truth table of the i -th component gi j = 1, 2, . . . , 2n . 
of g in (17) as [1(i) , 2(i) , . . . , 2(i)
n ], arranged in the reverse Corollary 11: If the state transition function gu in (12) is
alphabet order for all i = 1, 2, . . . , n. Let the j -th column of degenerated with respect to the variable U , then the state
ZHONG AND LIN: DRIVEN STABILITY OF NFSRs WITH INPUTS
transition matrix L u in (14) satisfies
Col2 j 1 (L u ) = Col2 j (L u ), j = 1, 2, . . . , 2n . (26)
IV. D RIVEN S TABILITY OF NFSR S W ITH I NPUTS
In this section, we first briefly review some existing
basic concepts and properties about the stability of NFSRs.
We then present our main results on NFSRs driven stability.
To obtain our main results, we use the Boolean control
network representation of an NFSR obtained in the last
section, to successively investigate the reachable set and the
basin, which completely determine the driven stability of an
NFSR. For some particular cases of the feedback function,
we directly give some theorems to determine the driven
stability, based on the explicit basin and reachable set. For
the other cases, we give two algorithms to respectively obtain
the reachable set and the basin, based on the state transition
matrices obtained/introduced in the last section. We show
that using both algorithms requires lower time complexity
of computations than the exhaustive search and the existing
state operator method to determine the driven stability of
non-autonomous NFSRs with their stages greater than 1.
A. Basic Concepts and Properties
The state diagram of an n-stage autonomous NFSR is a
directed graph, where 2n nodes represent all possible states of
the NFSR, and the edges between nodes represent the nodes
transitions. If the state X is shifted to the state Y, then there is
an edge from X to Y, and X is called a predecessor of Y, while
Y is called the successor of X. Every state of an NFSR has a
unique successor, but may have no predecessors or have only
one predecessor or have two predecessors. The state with two
predecessors is called a branch state, while the state without
predecessors is called a starting state. A sequence of p distinct
states, X1 , X2 , . . . , X p , is called a cycle of length p if X1 is
the successor of X p , and Xi+1 is a successor of Xi for any
i {1, 2, . . . , p 1}. In particular, a cycle of length 1 is
usually called a unit cycle.
Lemma 12 [20]: The number of branch states of an
autonomous NFSR is equal to the number of starting states.
Definition 13: The state X is called an equilibrium state
of the autonomous NFSR represented by (17) (resp. the
non-autonomous NFSR represented by (12)) if g (X) = X
(resp. gu (X, U0 ) = X for some input U0 ).
An equilibrium state of an autonomous NFSR forms a
unit cycle in its state diagram. Besides the equilibrium state
0 = [0 0 0]T , the n-stage non-autonomous NFSR
represented by (12) has possibly three more equilibrium
states, which were listed in [20]. For its corresponding
autonomous NFSR represented by (17), clearly it has two
possible equilibrium states: 0 and 1 = [1 1 1]T .
Definition 14: The set B is called the basin of an
equilibrium state X of an autonomous NFSR, if B is a set
of states eventually reaching the equilibrium state X.
Definition 15: An n-stage autonomous NFSR is globally
stable to the equilibrium state 0, if for any state X Fn2 (or
equivalently, for any state x 2n ), there exists a positive
2279
integer N such that the state transition function g in (17)
(or equivalently, the state transition matrix L in (18)) satisfies
g N (X) = 0 (or equivalently, L N x = 22n ).
n
Definition 16: An n-stage autonomous NFSR is locally
stable to the equilibrium state 0, if there exists some state
n
X0 Fn2 \{0} (or equivalently, some state x0 2n \{22n }) such
that for some positive integer N the state transition function g
in (17) (or equivalently, the state transition matrix L in (18))
n
satisfies g N (X0 ) = 0 (or equivalently, L N x0 = 22n ).
Definition 17: An n-stage NFSR with input is driven stable
to the equilibrium state 0, if for every state X that can
be reached from 0 (or equivalently, every state x that can
n
be reached from 22n ) by driving the NFSR with an input
sequence, there exists a positive integer N such that the
state transition function g in (17) (or equivalently, the state
transition matrix L in (18) ) of its autonomous NFSR satisfies
n
g N (X) = 0 (or equivalently, L N x = 22n ).
For the sake of simplicity, in the sequel we neglect the
equilibrium state 0, and just simply say an NFSR is globally
(or locally or driven) stable. Here it is notable to point
out that in the above concepts, the autonomous NFSRs and
non-autonomous NFSRs are occasionally interwoven, which
may cause some confusion. To avoid confusion, it is very
helpful to keep in mind that the concepts of state diagram,
basin, global stability and local stability are only concerned
with the autonomous NFSRs, while the concept of equilibrium
state can be concerned with the autonomous NFSRs or
non-autonomous NFSRs. The concept of driven stability is for
the non-autonomous NFSRs, but it involves the corresponding
autonomous NFSRs.
n n
Let R(22n ) be the reachable set of the state 22n with an input
n
sequence. We also let B(22n ) be the basin of the equilibrium
n n
state 22n . Note that the reachable set R(22n ) depends on the
n
input of the NFSR, while the basin B(22n ) does not.
The concepts of global stability, local stability and driven
stability of an NFSR imply the following facts.
1. A globally stable autonomous NFSR must be locally
stable, but not the vice versa.
2. An NFSR with input is driven stable if its corresponding
autonomous NFSR is globally stable. However, a
driven stable NFSR with input does not imply that its
corresponding autonomous NFSR is globally stable.
3. An n-stage NFSR with input is driven stable if and only
n n
if its reachable set R(22n ) is a subset of the basin B(22n ).
n
4. If the reachable set R(2n ) of an n-stage driven stable
2
n
NFSR is equal to the full state set 22n , then its
corresponding autonomous NFSR is globally stable.
The driven stability of an NFSR completely depends on two
n n
sets, the reachable set R(22n ) and the basin B(22n ). In the
following we will focus on how to get both sets.
B. Reachable Set
The following Lemma is straightforward.
j
Lemma 18: For any two column vectors 2i n and 2n with
i, j {1, 2, . . . , 2n }, the following properties are satisfied.
1) 2i n I2 = 2n+1 [2i 1 2i ];
j j
2) [2i n 2n ] I2 = [2i n I2 2n I2 ].
2280 IEEE TRANSACTIONS ON COMMUNICATIONS, VOL. 64, NO. 6, JUNE 2016

Theorem 19: For an n-stage NFSR with input represented show that Col(L u 88 ) = {83 , 88 }, Col(L 2u 88 ) = {82 , 83 , 85 , 88 },
by (14), if the state transition function gu in (12) is degenerated Col(L 3u 88 ) = {81 , 82 , 83 , 85 , 86 , 88 }, and Col(L 4u 88 ) = 8 .
with respect to the variable U , then the reachable set Thus, according to Theorem 20, we obtain the reachable set
n
 n
 n 4  
R(22n ) = Col L u 22n = {22n }. (27) R(88 ) = Col L ku 88 = 8 .
k=1
Proof: From Corollary 11, we have Col2n+1 1 (L u ) = Corollary 22: If the state transition function gu in (12) of
Col2n+1 (L u ). Taking into account Theorem 8, we deduce that an n-stage non-autonomous NFSR is not degenerated with
n
Col2n+1 1 (L u ) = Col2n+1 (L u ) = 22n . In addition,
 according

respect to the variable U , and the non-autonomous NFSR is
n
to Lemma 18, we have Col L 2u 22n = Col L u 22n =
n driven stable, then its corresponding autonomous NFSR must
be locally stable.
{Col2n+1 1 (L u ), Col2n+1 (L u )}. Therefore, the result follows Proof: Let L u be the state transition matrix of the
from Lemma 7.  non-autonomous NFSR. Then, according to the proof of
Theorem 20: For an n-stage NFSR with input represented Theorem 20, the two distinct columns Col2n+1 1 (L u ) and
by (14), if the state transition function gu in (12) is not n
Col2n+1 (L u ) are in the reachable set R(22n ). Since the NFSR
degenerated with respect to the variable U , then the reachable n
is driven stable and Col2n+1 (L u ) = 2n , we deduce that the
2
set n
n1
2    state Col2n+1 1 (L u ) that is not equal to 22n eventually reaches
n
n
R(22n ) =
n
Col L ku 22n . (28) the equilibrium state 22n . Thus, the result follows. 
k=1 Next, we strive to give an algorithm in order to obtain
n n
n n the reachable set  R(22n ). Lemma 6 shows that L k+1 u 2 n =
2
Moreover, the cardinality |R(22n )| of the reachable set R(22n ) n n
n
satisfies |R(22n )| 2. L u (L ku 22n ) I2 for any positive integer k. Let Yk = L ku 22n .
n
Proof: Straightforward computations show that L ku 22n Then Yk+1 = L u (Yk I2 ) and Yk L2n+1 2k . To obtain the
n n
L2n 2k and Col(L ku 22n )  Col(L u ) for any positive integer k. reachable set R(22n ), at most 2n1 iterations are required to
Since the state transition function gu in (12) is not degenerated do for Yk . To lower the spacial complexity of computations,
with respect to the variable U , according to Proposition 10 we we can only store the positions of the entry 1s in the columns
have Col2 j 1 (L
 u )
= Col2 j (L u ), j =1, 2, . . .
, 2n . Hence,
 if of all vectors and matrices.
k0 +1 2n k0 n
Col L u 2n is not a subset of i=1 Col L u 2n i 2 for Suppose that the state transition matrix
some positive integer k0 , then from Lemmas 6 and 18, we L u = 2n [ p1 p2 . . . p2n+1 ] (29)
deduce that L ku0 +1 22n has two more distinct columns than
n

k0 2n has been computed. For the matrix L u , we can only keep

L u 2n . Note that L u has at most 2n distinct columns. Then, p1 , p2 , . . . , p2n+1 in memory. Similarly, we define R(2n ) to
n
at most 2n1 iterations are required to do for L ku 22n , and be the set of elements that represent the positions of the
L 2u +1 22n will not
n1 n
n
have
 anyn 
new columns that are different entry 1s of all elements in R(22n ). Precisely speaking, if
2n1 
to those of k=1 Col L u 2n . Thus, Equation (28) follows
k 2 n
R(22n ) = {2i1n , 2i2n , . . . , 2imn }, then R(2n ) = {i 1 , i 2 , . . . , i m }.
from Lemma 7. For the sake of convenience, we also called R(2n ) the
On the other hand, since Col2 j 1 (L u )
= Col2 j (L u ) for reachable set.
all j = 1, 2, . . . , 2n , we have Col2n+1 1 (L u )
= Col2n+1 (L u ). Define two vectors
Considering
n
= [1 2 r ], = [1 2 2r ], (30)
L u 22n = [Col2n+1 1 (L u ) Col2n+1 (L u )],
where i {1, 2, . . . , 2n }
and j {1, 2, . . . , 2n+1 }
with
we conclude that Col2n+1 1 (L u ) and Col2n+1 (L u ) are i = 1, 2, . . . , r and j = 1, 2, . . . , 2r and a positive integer r .
n n
in R(22n ). Therefore, |R(22n )| 2.  We then define the mappings and as follows:
Theorems 19 and 20 show that as a particular Boolean
= () = [21 1 21 2r 1 2r ], (31)
control network, NFSR has an explicit p satisfying the
conditions in Lemma 7, which is the minimum length of input = ( ) = [ p1 p2 p2r ], (32)
sequences such that the trajectory goes through all the states where p1 , p2 , . . . , p2r are from Equation (29).
reachable from the initial state x0 . It is easy to see that the position changes of the entry 1s
Example 21: Consider a 3-stage NFSR with input U , in the columns of the matrix Z k = Yk I2 corresponds to
described as the mapping , while the position changes of the entry 1s


X 1 (t + 1) = X 2 (t) U (t), in the columns of the matrix Yk+1 = L u Z k corresponds to
X 2 (t + 1) = X 3 (t), the mapping . Note that L u has totally 2n+1 columns and

has at most 2n distinct columns. Then it must have some
X 3 (t + 1) = X 1 (t) X 2 (t)X 3 (t) U (t).
repeated elements among p1 , p2 , . . . , p2n+1 . Therefore, based
Clearly, the state transition function gu = [X 1 U X 3 X 1 on a known state transition matrix L u in Equation (29), the
X 2 X 3 U ]T is not degenerated with respect to the variable U . following gives an algorithm to obtain R(2n ).
Using Theorem 8, we get the state transition matrix L u = In Algorithm 1, Steps 4 and 5 are to remove the repeated
8 [5 2 8 3 2 5 4 7 6 1 7 4 1 6 3 8]. Direct computations elements of and to remove its elements that are same as
ZHONG AND LIN: DRIVEN STABILITY OF NFSRs WITH INPUTS
Algorithm 1 Reachable Set
1. Set = 2n and R(2n ) = .
2. Compute (), and set = ().
3. Compute ( ), and set = ( ).
4. Remove the repeated elements of , and set to the
resulting vector.
5. If Col()  R(2n ), then remove the s columns that
belong to R(2n ),and set to the resulting vector and set
R(2n ) = R(2n ) Col(), and goto Step 2. Otherwise,
output R(2n ) and stop.
those of previously obtained s. In Matlab programme, we
can use the operation unique for the removal in Step 4, and
use the operation setdiff for the removal in Step 5. Since L u
has totally 2n+1 columns and has at most 2n distinct columns,
the time complexity of computations for the two removals is
at most 2n+1 + 2n operations. Moreover, the time complexity
of computations for the mapping is at most 2n+1 operations,
and the time complexity of computations for the mapping
is at most 2n . In total, if the matrix L u is known, the time
complexity of computing R(2n ) (or equivalently, the reachable
n
set R(22n )) is at most 2n+2 + 2n+1 operations.
C. Basin
Theorem 23: If the feedback function h(X 1 , X 2 , . . . , X n )
of an n-stage autonomous NFSR satisfies h(0, 0, . . . , 0) = 0
n n
and h(1, 0, . . . , 0) = 1, then the basin B(22n ) = {22n }.
Moreover, if the state transition function gu in (12) of its
corresponding non-autonomous NFSR is (not) degenerated
with respect to the variable U , then the non-autonomous NFSR
is (not) driven stable.
n
Proof: The state [0 0 0]T (or equivalently, the state 22n )
of the autonomous NFSR has two possible predecessors,
[1 0 0]T and itself. Since the feedback function h satisfies
h(0, 0, . . . , 0) = 0 and h(1, 0, . . . , 0) = 1, we can deduce that
[0 0 0]T has itself as the only one predecessor. It implies
that the state [0 0 0]T forms a unit cycle, and this cycle
does not connect with any other states. Therefore, we have
n n n
B(22n ) = {22n }, which yields the cardinality of B(22n ) is 1.
Moreover, if the state transition function gu of the
non-autonomous NFSR is not degenerated with respect to the
variable U , then according to Theorem 20, the cardinality
n
of the reachable set R(22n ) is at least 2, which implies that
n n
R(22n ) is not a subset of B(22n ). Therefore, in this case the
2281
that has only one predecessor. On the other hand, an n-stage
NFSR has totally 2n possible states. Hence, Ns + Nb 2n .
Lemma 12 shows that Ns = Nb . Then the result follows. 
Proposition 25: If the feedback function h(X 1 ,
X 2 , . . . , X n ) of an n-stage autonomous NFSR satisfies
h(0, 0 . . . , 0) = h(1, 0, . . . , 0) = 0, then there is at least one
starting state in the state diagram of the autonomous NFSR.
Proof: If the feedback function h satisfying
h(0, 0 . . . , 0) = h(1, 0, . . . , 0) = 0, then the state [0 0 0]T
has two predecessors, [1 0 0]T and itself, which implies
that [0 0 0]T is a branch state. Thus, the result follows
from Lemma 12. 
Reference [26] gives a way to find all starting states of an
autonomous NFSR, shown in the following lemma.
Lemma 26 [26]: Let L be the transition matrix of
an n-stage autonomous NFSR represented by (18). Then
j
2n , j {1, 2, . . . , 2n }, is a starting state if and only if
j
2 n / Col(L).
Theorem 27: For an n-stage autonomous NFSR
with a feedback function h(X 1 , X 2 , . . . , X n ) satisfying
h(0, 0 . . . , 0) = h(1, 0, . . . , 0) = 0, let L be its state transition
n
matrix. Then the basin of the equilibrium state 22n is
n 
B(22n ) = L k 2i n |1 k K i , K i is the smallest ki
n
satisfying L ki 2i n = 22n , and 2i n
/ Col (L) with (33)
some positive integer i 2n } .
Proof: The result follows from Proposition 25 and
Lemma 26. 
Example 28: Consider a 3-stage autonomous NFSR with a
feedback function h(X 1 , X 2 , X 3 ) = X 1 X 2 X 3 . Obviously,
h(0, 0, 0) = h(1, 0, 0) = 0. Using Equations (19) and (20),
we can easily obtain the state transition matrix L =
8 [2 3 5 8 1 4 5 8]. Clearly, only 86 , 87 / Col(L). For the
state 86 , it is easy to see that L86 = Col6 (L) = 84 , and
L 2 86 = L(L86 ) = L84 = Col4 (L) = 88 . Thus, according to
Theorem 27, we have {84 , 86 , 88 } R(88 ). Similarly, for the
state 86 , we can directly compute that L87 = 85 , L 2 87 = 81 ,
L 3 87 = 82 , L 4 87 = 83 , and L 5 87 = 85 . It implies that 87
reaches a cycle consisting of states 85 , 81 , 82 , 83 , and keeps
staying on this cycle and therefore, never reaches the state 88 .
Hence, R(88 ) = {84 , 86 , 88 }.
Note that an equilibrium state is a particular attractor (i.e.,
a unit cycle). The K i in (33) is actually the transient period
of the state 2i n . Recall that for a given state x0 2n
of a Boolean network, the transient period of x0 , denoted
non-autonomous NFSR is not driven stable. However, if the by K (x0 ), is the smallest k such that x(0) = x0 and x(k) ,
state transition function gu of the non-autonomous NFSR is
degenerated with respect to the variable U , then according to
n n
Theorem 19, the reachable set R(22n ) = {22n }, which indicates
n n
R(22n ) = B(22n ). Hence, in this case the non-autonomous
NFSR is driven stable.
Proposition 24: The number of starting states of an n-stage
autonomous NFSR is at most 2n1 .
Proof: Let Ns be the number of starting states, and Nb be
the number of branch states. For any state of an autonomous
NFSR, it must be a starting state that has no predecessors,
or be a branch state that has two predecessors, or be a state
where  is an attractor (i.e., a cycle) of the Boolean network.
Accordingly, the transient period of the Boolean network
is defined as the maximum number of all K (x0 )s for any
x 0 2 n .
Cheng et al. gave an explicit form of the basin of a cycle C

for a Boolean network in [37]. Let L and K , respectively,
be the state transition matrix and the transient period of the
Boolean network. Denote L (C) = {x|L x C} for any
positive integer . Then the explicit form of the basin of the
cycle C given in [37] is
B(C) = L 1 (C) L 2 (C) L K (C). (34)
2282 IEEE TRANSACTIONS ON COMMUNICATIONS, VOL. 64, NO. 6, JUNE 2016

Clearly, in order to find the basin of a particular cycle, D. Computational Complexity Comparison
n
an equilibrium state C = 22n , their method is to find the In this subsection, we compare the computational
n
predecessors successively from the equilibrium state 22n , while complexity of determining the driven stability of NFSRs
our method given in Theorem 27 is to find the successors for three methods: the exhaustive search, the existing state
successively from starting states. operator method, and our proposed Boolean control network
Reference [37] has shown that the transient period K of approach.
the Boolean network is equal to the smallest satisfying Assume that the algebraic normal form of the feedback
L {L +1 , L +2 , . . . , L 2 }. Computing such a K results
2n
function of the non-autonomous NFSR is known, denoted
2n+1 1
in (22n 1)2n operations, since it is required to compute by f (X 1 , . . . , X n , U ) = i=0 ai X 1i1 X nin U in+1 , where
the positions of the entry 1s in the columns of the ai F2 and i is the decimal number corresponding to the
2n
matrices L 2 , L 3 , . . . , L 2 , and the positions of the entry 1s binary (i 1 , . . . , i n , i n+1 ). Therefore, the algebraic normal form
in the columns of L +1 are just a permutation of those of the feedback function h(X 1 , . . . , X n ) = f (X 1 , . . . , X n , 0),
in the columns of L . In addition, computing L (C) is known as well. Suppose du and d to be the algebraic degrees
requires the exhaustive search of the positions of the entry of f (X 1 , . . . , X n , U ) and h(X 1 , . . . , X n ), respectively.
1s in the columns of L for any positive integer K , 1) Comparison of Time Complexity of Computations to
which results in 2n operations. Assume the matrix L is Obtain the Reachable Set: Using the Boolean control network
known. Then the time complexity of computing B(C) is totally approach, the time complexity of computations to obtain the
(22n + K 1)2n operations. In contrast, since L +1 22n =
n
reachable set is totally at most
L(L 22n ) and there are totally 2n states of an n-stage
n
d   
 u
n
R n+2 n+1
NFSR, our method given in Theorem 27 results in at most Cbcn = (n + 1)2 +2 (i + 1) +1
2n 1 operations, which is much lower than that of their i
i=1
method. n 2
+ 2 (n + 3n 1) (37)
In the following, we strive to give an algorithm to
n
obtain the basin B(22n ). For an n-stage autonomous NFSR operations. The time complexity of computations for the state
with a feedback function h(X 1 , X 2 , . . . , X n ) satisfying operator method in [22] is
h(0, 0, . . . , 0) = h(1, 0, . . . , 0) = 0, let S be a set of d   
 u
n+1
starting states in 2n , and denote its cardinality as |S|. Then Cso = 2
R n+3
N +2 n+1
(i + 1) +n+ N +1
i
1 |S| 2n1 . Suppose that the starting state set S has been i=1
obtained in term of Lemma 26, and its elements are denoted
j
+ 2n (n 2 + n 2) (38)
by 2vn , v = 1, 2, . . . , |S|. Let
operations, while it is
  
J = { j1, j2 , . . . , j|S | }, (35) 
du
n+1
2n
R
Ces =2 4n + (i + 1) (39)
i
which is a set of the positions of the entry 1s of all the elements i=1
in the starting state S. R is lower
operations for the exhaustive search. Clearly, Cbcn
Similar to R(2n ), we define by B(2n ) the set of elements than Ces if n > 1, and it is lower than Cso for any positive
R R
that represent the positions of the entry 1s of all elements integer n.
n
in B(22n ). For the sake of convenience, we also called B(2n ) 2) Comparison of Time Complexity of Computations to
n
the basin of the equilibrium state 22n . Assume that the state Obtain the Basin: Using the Boolean control network
transition matrix L = 2n [q1 q2 . . . q2n ] is known. Define a B to obtain the basin is at
approach, the time complexity Cbcn
mapping most
 d   
: (i ) = qi . (36)  n
Cbcn = 2
B n+2
+2 n
(i + 1) +2 1 (40)
i
Then the mapping and the matrix L are a one-to-one i=1

correspondence. Moreover, k and L k are a one-to-one operations. The time complexity of computations is
correspondence as well for any positive integer k. Note that  d   
 n
any starting state of an NFSR eventually reaches a cycle and Ces = 2
B 2n
(i + 1) + 2n (41)
n i
keeps staying on it. B(22n ) is constituted by the starting states i=1
n
that eventually reach the state 22n and the states that those operations for the exhaustive search, while it is
starting states go through. Moreover, if there is some branch  d   
 n
state, then the states that the branch state goes through is only B
Cso = 2n+2 M + 2n (i + 1) +M +1
required to compute for either starting state that is associated i
i=1
with the branch state.
+ 2n1 (n 2 + 2n 2) (42)
Therefore, based on the mapping and the set J , the
following gives Algorithm 2 to obtain the basin B(2n ) for an operations for the state operator method in [22], where the
n-stage NFSR with a feedback function h(X 1 , X 2 , . . . , X n ) iteration M 2n . Obviously, Cbcn
B is lower than C B if n > 1,
es
satisfying h(0, 0, . . . , 0) = h(1, 0, . . . , 0) = 0. B
and is also lower than Cso for any positive integer n.
ZHONG AND LIN: DRIVEN STABILITY OF NFSRs WITH INPUTS
Algorithm 2 Basin
1. Set v = 1 and B(2n ) = .
2. Set i = jv and B1 = .
3. Compute (i ), and set i = (i ).
4. If i < 2n and (i / B1 or i / B(2n )), then set B1 = B1
{i } and goto Step 3; if i < 2n and (i B1 or i B(2n )),
then set v = v + 1; if i = 2n , then set B(2n ) = B(2n )
B1 {i }.
5. If v |S|, then goto Step 2. Otherwise, output B(2n )
and stop.
In summary, the Boolean control network requires lower
time complexity of computations than the exhaustive search
and the existing state operator method to determine the driven
stability of non-autonomous NFSRs with their stages greater
than 1.
E. Example
Consider a 3-stage NFSR with a single input U , in which
the feedback function is
f (X 1 , X 2 , X 3 , U ) = X 1 X 2 X 3 X 1 X 2 X 1 X 3 X 2 X 3
X 2 X 3 U,
and the feedback connection vector is a = [0 0 1]T , and the
input connection vector is b = [1 1 0]T .
Using the Boolean control network approach and the same
notations as in previous sections, we obtain the state transition
matrix L u = 8 [7 2 5 4 3 6 1 8 8 1 6 3 4 5 1 8]
for the non-autonomous NFSR, while the state transition
matrix L = 8 [2 4 6 8 1 3 5 8] for its corresponding
autonomous NFSR. It is seen that Col j (L) = Col2 j (L u )
and Col2 j 1 (L u )
= Col2 j (L u ), j = 1, 2, . . . , 8, which are to the error-propagation effect in convolutional codes, IEEE Trans. Inf.
consistent with the results in Propositions 9 and 10. Clearly,
only 87 does not belong to Col(L). According to Lemma 26, 87
is the only one starting state for the autonomous NFSR. Using
Algorithm 2, we obtain the basin B(8) = {1, 2, 4, 5, 7, 8}.
Applying Algorithm 1, we get the reachable set R(8) =
{1, 2, 4, 5, 7, 8}. It is seen that R(8) = B(8). Thus, the
non-autonomous NFSR is driven stable.
However, if the input connection vector is modified as
b = [0 1 1]T , then the state transition matrix for the
non-autonomous NFSR is changed as L u = 8 [4 2 2 4
8 6 6 8 3 1 1 3 7 5 6 8]. Again, using Algorithm 1, we
obtain the reachable set R(8) = {1, 2, 3, 4, 6, 8}. Obviously,
R(8)  B(8). Hence, this modified non-autonomous NFSR is
not driven stable.
V. C ONCLUSION
This paper considered the driven stability of NFSRs using a
Boolean control network approach. Driven stable NFSRs can
limit error propagations in convolutional decoders, and are also
helpful to analyze the period properties of sequences generated
by a cascade connection of NFSRs in stream ciphers. In this
paper a Boolean control network representation was given for
an NFSR, after it was viewed as a Boolean control network.
2283
The representation is characterized with a state transition
matrix, whose properties were analyzed. Based on these,
explicit forms were given for both reachable set and basin set
that completely determine the NFSRs driven stability. Two
algorithms were provided to obtain both sets. All involved
computations are some matrix calculations in the sense of
the semi-tensor product, which is the generalization of the
conventional matrix product.
The Boolean control network approach leads to lower time
complexity of computations than the exhaustive search and the
existing state operator method to determine the driven stability
of NFSRs whose stages are greater than 1. The Boolean
control network approach provides a promising method to
theoretically analyze NFSRs with inputs. It may also shed a
light on their design problems.
R EFERENCES
[1] J. M. Wozencraft and B. Reiffen, Sequential Decoding. Cambridge, MA,
USA: MIT Press, 1961.
[2] J. L. Massey, Threshold Decoding. Cambridge, MA, USA: MIT Press,
1963.
[3] A. J. Viterbi, Error bounds for convolutional codes and an
asymptotically optimum decoding algorithm, IEEE Trans. Inf. Theory,
vol. 13, no. 2, pp. 260269, Apr. 1967.
[4] L. R. Bahl, J. Cocke, F. Jelinek, and J. Raviv, Optimal decoding of
linear codes for minimizing symbol error rate, IEEE Trans. Inf. Theory,
vol. 20, no. 2, pp. 284287, Mar. 1974.
[5] S. Lin and D. J. Costello, Jr., Error Control Coding: Fundamentals
and Applications, 2nd ed. Upper Saddle River, NJ, USA: Prentice-Hall,
2004.
[6] H.-H. Tang and M.-C. Lin, On (n, n 1) convolutional codes with low
trellis complexity, IEEE Trans. Commun., vol. 50, no. 1, pp. 3747,
Jan. 2002.
[7] A. Katsiotis, P. Rizomiliotis, and N. Kalouptsidis, Flexible
convolutional codes: Variable rate and complexity, IEEE Trans.
Commun., vol. 60, no. 3, pp. 608613, Mar. 2012.
[8] B. Sklar, Digital Communications: Fundamentals and Applications,
2nd ed. Upper Saddle River, NJ, USA: Prentice-Hall, 2001.
[9] J. L. Massey and R. W. Liu, Application of Lyapunovs direct method
Theory, vol. 10, no. 3, pp. 248250, Jul. 1964.
[10] M. Hell, T. Johansson, and W. Meier, GrainA stream cipher for
constrained environments, eSTREAM, ECRYPT Stream Cipher Project,
London, U.K., Tech. Rep. 2005/010, 2005.
[11] C. De Cannire and B. Preneel, Trivium specifications, eSTREAM,
ECRYPT Stream Cipher Project, London, U.K., Tech. Rep. 2005/030,
2005.
[12] S. Babbage and M. Dodd, The stream cipher MICKEY (version 1),
eSTREAM, ECRYPT Stream Cipher Project, London, U.K., Tech. Rep.
2005/015, 2005.
[13] S. W. Golomb, Shift Register Sequences. Laguna Hills, CA, USA:
Holden-Day, 1967.
[14] H. Fredricksen, A survey of full length nonlinear shift register cycle
algorithms, SIAM Rev., vol. 24, no. 2, pp. 195221, Apr. 1982.
[15] E. Dubrova, A transformation from the Fibonacci to the Galois
NLFSRs, IEEE Trans. Inf. Theory, vol. 55, no. 11, pp. 52635271,
Nov. 2009.
[16] T. Tian and W.-F. Qi, On the density of irreducible NFSRs, IEEE
Trans. Inf. Theory, vol. 59, no. 6, pp. 40064012, Jun. 2013.
[17] P. Dabrowski, G. abuzek, T. Rachwalik, and J. Szmidt, Searching for
nonlinear feedback shift registers with parallel computing, Inf. Process.
Lett., vol. 114, no. 5, pp. 268272, May 2014.
[18] J. La Salle and S. Lefschetz, Stability By Liapunovs Direct Methods
With Applications. New York, NY, USA: Academic, 1961.
[19] F. J. Mowle, Relations between Pn cycles and stable feedback
shift registers, IEEE Trans. Electron. Comput., vol. EC-15, no. 3,
pp. 375378, Jun. 1966.
[20] F. J. Mowle, An algorithm for generating stable feedback shift registers
of order n, J. Assoc. Comput. Mach., vol. 14, no. 3, pp. 529542, 1967.
[21] A. Lempel, On k-stable feedback shift registers, IEEE Trans. Comput.,
vol. C-18, no. 7, pp. 652660, Jul. 1969.
2284
[22] F. J. Mowle, Readily programmable procedures for the analysis of
nonlinear feedback shift registers, IEEE Trans. Comput., vol. C-18,
no. 9, pp. 824829, Sep. 1969.
[23] C. Fontaine, Nonlinear feedback shift register, in Encyclopedia of
Cryptography and Security. New York, NY, USA: Springer-Verlag,
2011, pp. 846848.
[24] H. Qi, On shift register via semi-tensor product approach, in Proc.
32nd Chin. Control Conf., Xian, China, Jul. 2013, pp. 208212.
[25] D. Zhao, H. Peng, L. Li, S. Hui, and Y. Yang, Novel way to research
nonlinear feedback shift register, Sci. China Inf. Sci., vol. 57, no. 9,
pp. 114, 2014.
[26] J. Zhong and D. Lin, A new linearization method for nonlinear feedback
shift registers, J. Comput. Syst. Sci., vol. 81, no. 4, pp. 783796, 2015.
[27] J. Zhong and D. Lin, Stability of nonlinear feedback shift registers,
Sci. China Inf. Sci., vol. 59, no. 1, pp. 112, 2016.
[28] S. A. Kauffman, Metabolic stability and epigenesis in randomly
constructed genetic nets, J. Theor. Biol., vol. 22, no. 3, pp. 437467,
1969.
[29] S. E. Harris, B. K. Sawhill, A. Wuensche, and S. Kauffman, A model
of transcriptional regulatory networks based on biases in the observed
regulation rules, Complexity, vol. 7, no. 4, pp. 2340, 2002.
[30] S. Huang and D. E. Ingber, Shape-dependent control of cell growth,
differentiation, and apoptosis: Switching between attractors in cell
regulatory networks, Experim. Cell Res., vol. 261, no. 1, pp. 91103,
2000.
[31] I. Shmulevich, E. R. Dougherty, S. Kim, and W. Zhang, Probabilistic
Boolean networks: A rule-based uncertainty model for gene regulatory
networks, Bioinformatics, vol. 18, no. 2, pp. 261274, 2002.
[32] R. Albert and A.-L. Barabsi, Dynamics of complex systems: Scaling
laws for the period of Boolean networks, Phys. Rev. Lett., vol. 84,
pp. 56605663, Jun. 2000.
[33] M. Aldana, Boolean dynamics of networks with scale-free topology,
Phys. D, Nonlinear Phenomena, vol. 185, no. 1, pp. 4566, 2003.
[34] B. Samuelsson and C. Troein, Superpolynomial growth in the number
of attractors in Kauffman networks, Phys. Rev. Lett., vol. 90, no. 9,
p. 098701, 2003.
[35] D. Cheng, Input-state approach to Boolean networks, IEEE Trans.
Neural Netw., vol. 20, no. 3, pp. 512521, Mar. 2009.
[36] D. Cheng, Disturbance decoupling of Boolean control networks, IEEE
Trans. Autom. Control, vol. 56, no. 1, pp. 210, Jan. 2011.
[37] D. Cheng and H. Qi, A linear representation of dynamics of Boolean
networks, IEEE Trans. Autom. Control, vol. 55, no. 10, pp. 22512258,
Oct. 2010.
[38] D. Cheng and H. Qi, Statespace analysis of Boolean networks, IEEE
Trans. Neural Netw., vol. 21, no. 4, pp. 584594, Apr. 2010.
[39] D. Cheng and H. Qi, Controllability and observability of Boolean
control networks, Automatica, vol. 45, no. 7, pp. 16591667, 2009.
[40] D. Cheng, H. Qi, and Z. Li, Analysis and Control of Boolean Networks:
A Semi-Tensor Product Approach. London, U.K.: Springer-Verlag, 2011.
IEEE TRANSACTIONS ON COMMUNICATIONS, VOL. 64, NO. 6, JUNE 2016
[41] D. Cheng, H. Qi, and Y. Zhao, An Introduction to Semi-Tensor Product
of Matrices and Its Applications. Singapore: World Scientific, 2012.
[42] R. A. Horn and C. R. Johnson, Topics in Matrix Analysis. Cambridge,
U.K.: Cambridge Univ. Press, 1991.
[43] H. Qi and D. Cheng, Logic and logic-based control, J. Control Theory
Appl., vol. 6, no. 1, pp. 2636, 2008.
Jianghua Zhong received the B.S. degree in
mathematics from Nanchang University, Nanchang,
China, in 2000, the M.S. degree in applied
mathematics from Fuzhou University, Fuzhou,
China, in 2003, and the Ph.D. degree in system
theory from the Academy of Mathematics and
Systems Science, Chinese Academy of Sciences,
Beijing, in 2007. From 2007 to 2009, she was a
Post-Doctoral Fellow with the Royal Institute of
Technology, Stockholm, Sweden. After that, she was
with the Institute of Complexity Science, Qingdao
University, Qingdao, China, until 2015, first as an Assistant Professor and
then an Associate Professor. Since 2013, she has been with the State Key
Laboratory of Information Security, Institute of Information Engineering,
Chinese Academy of Sciences. Her current research interests include nonlinear
control, and nonlinear analysis in coding and cryptography.
Dongdai Lin received the M.S. and Ph.D. degrees
in fundamental mathematics from the Institute of
Systems Science, Chinese Academy of Sciences, in
1987 and 1990, respectively. He was an Associate
Professor from 1993 to 1998, a Professor with the
Institute of Systems Science from 1998 to 2001,
and a Professor with the Institute of Software,
Chinese Academy of Sciences, from 2001 to 2011.
He is currently a Professor with the Institute
of Information Engineering, Chinese Academy of
Sciences, and the Director of the State Key
Laboratory of Information Security. He has authored over 200 research papers
in journals and conference proceedings. He is also involved in multivariate
public key cryptography, sequences and stream cipher, zero knowledge
proof, and network-based cryptographic computation. His research interests
include cryptology, security protocols, symbolic computation, and software
development.