A safety verification device of a reactive system, in which a set of axioms consists only of a commutative law and an associative law, comprises a translation unit (8) which generates, under said set of axioms, a first equational tree automaton which accepts a set of terms; a simulation unit (9) which generates, under a set of rewriting rules and said set of axioms and using said first equational tree automaton as initial data, a second equational tree automaton which accepts said set of terms and a set of terms derived from said set of terms; and a set operation unit (10) which generates a fourth equational tree automaton by associating said second equational tree automaton with a third equational tree automaton which accepts a set of terms to be verified, and determines whether or not a set accepted by the fourth equational tree automaton is an empty set.