🤖 AI Summary
This paper investigates the verification of initial-final opacity (IFO)—determining whether a system may evolve from a secret initial state to a secret final state under passive adversaries. We establish the first tight computational complexity bounds for IFO verification, proving it is 2-EXPTIME-complete in general. Methodologically, we propose and systematically compare two fundamentally distinct algorithmic approaches: a lattice-based estimator leveraging binary relation semigroups, and a language-inclusion reduction method. We further identify structurally restricted subclasses for which IFO verification is polynomial-time solvable. Through rigorous automata-theoretic analysis, semigroup algebraic reasoning, and extensive benchmarking on large-scale instances, we characterize the precise performance trade-offs between the two methods. Our results provide both a theoretical foundation for secure state estimation and practical algorithmic guidelines for opacity verification in cyber-physical and information-flow security applications.
📝 Abstract
Opacity is a general framework modeling security properties of systems interacting with a passive attacker. Initial-and-final-state opacity (IFO) generalizes the classical notions of opacity, such as current-state opacity and initial-state opacity. In IFO, the secret is whether the system evolved from a given initial state to a given final state or not. There are two algorithms for IFO verification. One arises from a trellis-based state estimator, which builds a semigroup of binary relations generated by the events of the automaton, and the other is based on the reduction to language inclusion. The time complexity of both algorithms is bounded by a super-exponential function, and it is a challenging open problem to find a faster algorithm or to show that no faster algorithm exists. We discuss the lower-bound time complexity for both general and special cases, and use extensive benchmarks to compare the existing algorithms.
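The trellis-based estimator described above, as an added worked example that is not code from the paper: the automaton, its observable/unobservable event split and the secret and non-secret (initial, final) pairs below are all constructed here for illustration; the relation semigroup is generated by composing the per-observable-event relations, and IFO holds iff no generated relation admits a secret pair without also admitting a non-secret one.

```python
# Added example (not from the paper): semigroup-of-relations IFO check on a
# small constructed automaton. States are strings, transitions are (src, event,
# dst) triples, and every event in UNOBS is projected away by the observer.

def relation_closure(states, trans, unobs):
    """Reflexive-transitive closure of unobservable moves: (p, q) iff p -u*-> q."""
    rel = {(s, s) for s in states} | {(p, q) for p, e, q in trans if e in unobs}
    while True:
        new = rel | {(p, r) for (p, q) in rel for (q2, r) in rel if q == q2}
        if new == rel:
            return frozenset(rel)
        rel = new

def compose(r1, r2):
    """Relational composition: (p, r) iff some q has (p, q) in r1 and (q, r) in r2."""
    return frozenset((p, r) for (p, q) in r1 for (q2, r) in r2 if q == q2)

def event_relations(states, trans, unobs):
    """clo = relation for the empty observation; rels[e] = clo . step(e) . clo."""
    clo = relation_closure(states, trans, unobs)
    rels = {}
    for e in {e for _, e, _ in trans if e not in unobs}:
        step = frozenset((p, q) for p, ev, q in trans if ev == e)
        rels[e] = compose(compose(clo, step), clo)
    return clo, rels

def relation_semigroup(clo, rels):
    """All relations induced by observations: clo plus everything reachable
    from it by right-composition with the generators (worst case is huge)."""
    seen, frontier = {clo}, [clo]
    while frontier:
        r = frontier.pop()
        for g in rels.values():
            nr = compose(r, g)
            if nr not in seen:
                seen.add(nr)
                frontier.append(nr)
    return seen

def is_ifo_opaque(states, trans, unobs, secret, nonsecret):
    """IFO: every observation admitting a secret (initial, final) pair must also
    admit a non-secret pair, so the observer cannot tell the two apart."""
    clo, rels = event_relations(states, trans, unobs)
    return all(not (r & secret) or bool(r & nonsecret)
               for r in relation_semigroup(clo, rels))

# Constructed instance: a -x-> b and c -u-> c2 -x-> d, with u unobservable.
STATES = ["a", "b", "c", "c2", "d"]
TRANS = [("a", "x", "b"), ("c", "u", "c2"), ("c2", "x", "d")]
UNOBS = {"u"}
SECRET = {("a", "b")}        # secret initial/final pair
NONSECRET = {("c", "d")}     # cover pair with the same observation "x"
```

Adding a self-loop `("b", "y", "b")` breaks opacity: observation `xy` is only possible from the secret pair, so `is_ifo_opaque` returns `False`.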